e1691c60588b2a9f29b9fd1960400ad478bef442da719adc03b5ee3af0ef31bb3123fb89b49a009dc30d67c31bf1828dd3fa85388a3c553b2a2140f96ba4698bf342150feb6a23c1f9078e6fbdcd6e9e7f11b89203b3583d3c3629ace43896bb14d", @typed={0x8, 0x1e, 0x0, 0x0, @uid}, @generic="53a4c4bb0cafee9ec02c5ab55f2db9f0080316ae85c22db203b67d5eba69e79423f5c96124f7ee8f4a7559361864cc36e3bd0c11a058aa0582924a6c4ce35d8d1d1d0a518fca76515422", @generic="586054ed44ad4993a95d9fe6afe633725fe5d3f116422a03b8605ecc25234e1c4c3e91bf4cf061b6173af47ec838e348714844b9a045fa8db200e5762c6a26f351274400fccdcd6feccb6cf74496de2872dc96a402e5cbca33756eb1f4ad6116f0418ecf74376422f1532a1447d58df23ab1f594e34283e7844437fdb5809ef9db70a25b9dac149c4f0dfa32486e4dd0511da842a29a4e3ee3811929ebff751faf509c5808c91fb46ace48a48adbae04974ed00692a0ae905b9eecbb210dbb66ac47f6ab6fe449f674eb7d456fc97939d2453b01855cec84547b7b379a522e286c3b01ee74e9e4d78b121ebb3a07703fb0818a2c4b4bd70560ca94e77633d77a4c29c8894b08d36d4c5e5a011deea2f083b6387cd2352b7d9298a52321084dba8aa833beccb48d1023a5316636edd56d62d75c329ddbce06678cebf9f3c617b68dfd3d5e9621363c8dbc86d84cb9900ac402e2d217a11076fe1aa6879fadd185df21e660686019c4e99c9851b4ce7f2f8d8307d291c68a8b9f3a98da8f0310ca9daad6c27ee62e96efe321e495f26dc084890afeb469fde4065546c80ffa51a632266278675f2e3cdf9be4e8b31d593935905799457136c2d0165eb565bb80532305a186a4736108746c4f4927b7ad4914acb724e44c8e98dad33cbee6ae2773244c8ba600938a5ddcb936ca2515c2a6a80ce5497b72b39eaecb32730f17d11cf1b24d57488d5f2344b1c8684357b86f2e967c6d4e0715835cea1f875bd34dd0aa74be3b9280bbeeab459c5ba17fc3b6a21ecb28882ed984ffb2f0a7c06c053a3999bb1a3eaf7b27b16d0e7e436012fb141a1a5a68e7b001b2df10a9cbb64be86a19f026806035b9d49e00566dd220316ab213fca29263d1254868be7503ebcc6d1e4253c2f37ca1c593b86112734c8213e16377077973e097d55a4d4fbce5bee7c88907cc82d8eab0724c8a5eee23c382c9cb655e322a62b24d4dd8951433497bc45fcbd0aa942816fb2ba68bf3aebb04189a85c8275be64cab6a05cac6b189bab70755d0f9e8dea5d506852c337f7991cc8f2e404ed26ddef6e221ca9a3472f64465ed139b271e6cf66fbd4ebd1c696bc1b8dff7f61dbbc2306cea76febd65b62542ec5297fd896ed9308e51d40c2016e67543987f040f69267d36aecfa82ff2a40d3f116c0564971d6e2aae31acb6bbc4c5066515b5dcf2455485b11bdb5f25dda466623c55fd600de02e976ea7ce9fa295c25cabdec75279c2215fbb8daad99d70dfb030a3877757af9fab4a704da3ca51e02f91f9e42db18dac282a29d97f5040fa983eb5009d1dada707dfc6aac1c99ba0a9ddf8d70457faec38307302e4692933c578f714fe4b9f02a71544c1cd8396f1915a353362afd5baa99bbe4b65dbdb186bf6be4bca6d9000f737863512c4b5bcbecedeee33eb9d157f7ddab29ff445f68e6e8bb109c3de963e23d46a024dddab5f4a5df735caacd579cf113f6f0c475c5359fe9127127a94a12348d2116d492738e12fd75cab98173d7848306da28c76d722dce1c99ff1a24c7175503cd7ee89b2c50ab42fca907d42804e9d69091b0e93c539f98dbaad98dc6a8a09f6a14af26d78c0b1e77f943c01e53e51425ede28431799890deed563a122722fc9a4c6f90e89b5a23a67fe6f0cb184a9e65ee49090abb8aa523c2fd10c3b253ef49aaba9e1494067e0aec7795e52c831c4b1f01b00de96cd7605ad68bf5861deb5f765ccc6294a1d5c6709150592e1b2df10d659e40efcfbc71a10e72ef61dd12dc952e291ded7552025bbdfbcddf66efd9bcc823e97b88e618075fc03a3415d7b6a59a429b8d03eff579b74aa726c502e6219ae55f37273f2607037c8278b165809921084af404b3d9117445a52ac028918c2192021bfd5ac6230c44bbcf1dafdfcd0ccc5aa90bad8abc0bb3d80e36c95a2c50224d9e476ab9f88df3b5ee9b95e21e91204b181fc29faa423979acf402f388d9c8a6a012f8b180de6100e065437b7a276a7482702b08a258433495264d3d7e4d76514ee4dbfa892aca1b868406dac644aa54587aaefa7c2e1ece79a4a1b98000ee63646a074c1dc5ee7052167d459744dc6dfa6e94638260c234c033b7c26d716fc69b0c1740b06b55f75e0857c31f106ebddf22aac54c7391258cf9d226ec3ea2147df7573ceccc2be8288b738993b755f376ebde55c6dae2c77a625c6a59e1f1c20cdcf899f59438aee333ad3c553aa088a27d423c81b1ad38673f1f13322fd0642fb0ab9ce910e7be187bec63fd581e8ff10f3c04978b042256f91ce42f35f3a505b9a7db741ffdf12eae6ba734d244c81d11941577402af4d9e58c6a57e3d6c0342a80ea48e4646df6de1ae7860c67dba425dda232f4a5e593f73f7c32e7999842af0a1a22c71f5a89a8f3cc160979d6fc81d175026d42cef56d14a89baf810df3e15659d409f4b76f190ec668b6d86a6e82e2009fdde44265763c5b282b7645f69b4d81b9cc82f957bcde0421fe6a0b20bea29727b1366e41fc7e461c181b1a4884566dc25d3743796c437ce17a53362aec0233a472a1586b44c6928b43c54f604e4c293c42c068e565b1d2c726449663d293692b45ed56ca0124aaa1e38b80485eeef34b04910f058a1ba4316b4dcde971b2f74ad4eeb714f855a93c11318a08e727336467c538383ebfb28e61d170b8f5bf2192cec714c621949d321a218bff5c37ab18e3c293b63f76258b603edac4e803a25e8e999f3e2f6fa719280e73d8feec00be87a0750333c70c78ff3232a3f029b625d6af2d9142f3101c4847081e673bca030613216a9b4f3339cbfa991db680f0ac0d7391bb720c97a0315d887d573462def0eed4a7b8e1b67292a008b61193efd9fcf1182fa4fa4c41984fa8effcb93bb1f1ccbcf248d7348ab66c7394e77ec28bd12bb0e82b25d37dcfedc7902238100992f2f36ee88a5dd767b1cfbdf4a1de8a0e7780ac9d281f5426fcdf927b1353d4713d4b5f11d433bb10a16ab2f3243b76dc2a1e08e7a0f7e2d38fbbb530beafc376cd07329871f9609204a875e73cee1e473f3faa949909a47023de4da18fa4b5db6dba58636de9d7d2a2d3f94188c95cb61c29d2c542b8456bc45e8b7074ecc3364ca20b2a836cff27a80f8304f3838bb2ba076e1017f6426ca437fc5bdb9dd623d7cddc0cfa27e261006419a27cb31a2e0aed06f6f5a727108c2ec3ae90c9d5007b7a6fc6599294081d01ae5b09776784e672cbe725249e1c3ae2a7c03bb6b6f9577ac113611055cb6f4c3ac171cb98f4c0b22a16e162e41bc46054eb4142cc80988ad9f6f18e8a563a4c4a7222d7ededd55869ab33b2895dbdb85afb766b9b0cf7df4d7a914a1dbe321d9e45024b050aef7f37dd57e05bc62ae9ef1950e698ae1fa38a4c5482723619aaa7c774532264df385c092b0d3d35d164e6b2007920deb014955c77603fe90687b0e11abaeaa32227cb8d0e1fdd5362fb22e834d3cdfdc521a3ee7974238329bdd03e77cfc1a1fd619a60c3cf7e20b1b0e6aa4867fb40faf2361dd2a65813ed6d2dab7d7e5cad489def609a2c4213ecffc0515d8596dcc1b12c8d1c810755eb5106c740ef586eafb999df6d72baa28be5f09a5bb80f17f9f9a692f39e23d05eeee2d176519d6626e8cdc4237d589cc38da3769b74c1bc162b5d695a1b2edea4d216e5dbed504012440cd69ea1cfe7eea7a38ee501d8dcb28d115b61b655296673c9eeeb50689c25177447b6e2e26d67220a5770c43cc1c7d1c80f01e2a6b839cfd16ddbecb7b46f07cea01fc2525ffdb9dcdfd77df615684e10d6670264fef59f6998909a77a86f5cb1cd7bdb972cc8a902d434ff2c27ee81499fb0b9207ebe25ee5723abafe80bce0954e65c57a33eeefe8eee3b468eb93ffa1c6a345182d92798138856bf2a809586df2777168bf23b1ebd502349ca5790f15d4a620ee4e7e631591aaa4bb30694766f3551fcdbb466c18bb41425a510bad42d3c5c9a62a20efaf42dd76ab91f6809ce99360ac8084b3abe7f5c856523f2f5c7ec15ee6900ed301029a5a2dca92d125310713bbafd6870b7bfb0fddbba821a566932b9dce98d02ad065c96cf4f8e7436700fc2901c0e3405a5a249b016f63ad5681cae51a9a1f37c1309b8fd83e1f8a961f5fe7b289eab12b0a86d404f38fec03e9a288c9c383c0fb7c56bdb7dd1f94498e06022a7409aeff43ba76f77acd753079999c93a66ee151f4a0a1ba7165e91801c8f5b58ad3f3f3dbc59bf8b960a6de75882615dd6a672e2009025b705392529a76a32f7bfe9a89cb9256f4f15f20e3f57602d13a32c29683ad67be2131dff6d27b571d01ace762cd89800e4ba82efe358d5269994a5395b75b62306bb1ba7ecba8d5c2388a9336c192865ab5585ec74f149f83535f6b82cdbf9cdf313638fe42e29cb58d14e8da5c082648dc5ba3ee427d7170c043fc1a7182f9d85546177d923d535c2ea276e55056480b8f62167d493d0117efeefaa67330860a8d4ba5e52c0b971df4d189ef0e4c5df28e15b42c490c4934d4f84870010e88f944c0f8d61fe7207343fc7111180922e688f2d5afaee09c696713f86305cc7dc86fbf49e45f9f6f0fb44be6ed95c1bc1fd6f15608436d4c91b3a0b1b2be570c8b75a461a3039b8702b3ab68de0d8160863c7eb90378e965fc261487a33045184cbf0e37dd9c67438d6267751289462b50d3bb2deb88d967397be61f221ccc0a3cefe0f793c3afc040598138364a2047f5300c775dc4e4d5673cbac318a1b33a90b3234ad639b7d4c2343f346eb7696515ef460ade1e31301b19a3a6927f17399090424ef80d1039b8dcd9fe3d5ccbd30485971add473968744bdde5545cfce83f8c2c4ba9def6be86cb9bd5f06eca83c639eac96743129ba6f0f6d424493b16f0c4b347bb3f04bb20bcdf734380deca311aea278c01bdb6b9436eccd7da84fd1bcdcb5ad6abd7e25d4ca76d5388a1cdec2b1c15caaf44b90a2eeb0d17882599fb3e618875672a1fd67c65ccbb39935cff1b61a84b458c654b8573a6e434ca383da5d1c748097b13da06d414ca5da73d9319353eb07639fbe9fc43b96ab22a009db5bcd42eb37d8ff20c6fd9fbe8b8c4c49d95bf6d1ceac59eabc0b058404c7bb749c25e11d367145065d6448fabf7a72cefd306404c3b890ef4f6d6b81b1e288747ce3ddc5a754e32c80105741c00268438bf4083865f7ad202306eb699bffb3eb63f16e6851cfba1ffde13a6e6e2569e97eaf39abe7d7912e5361da3b00aaab4fc71e80c49e0c829bbd8d0302c6f84f24b67a18a39b1747c63b8f9e5c57ab61f773267baca5519e45cb9531d2e23908d7de349a314adefd14b474de1840fab5b37d10242d54661aedcb7da1c63e6182710f28dd182b15ff3cec4d6cdc9c28da0c01437c73366ffa948f785bfee57b0c12f7b807529a5e47aeefe371a96da70ac5362199d50e648af35e2304e2b6e4ad78f0cc5189b000f4292be229852f4443a68fe39c308a3ec7849139fbedaa0d2b83503c6d7fb39643a65ec7974d4c443673a27b0a3a790c9eb766a095ffe476efb4274bac6b6c2afca18e7232240273d16653053043347a0d4543a66b8d6e0b42b4b2e9cdaca5a83375cc3f7b45a20730ac1e2c12c529240ad521aa4d50c152099fb0750073e7afce2cc616b504866ff14349960ae9b7269505562f656b0997f3cb7920faef332c964c2410db01916621cb9c98d279ad233ba6d2137bcac07d5e4450138465471ed52a4b0db245879d6dcdb58aecd", @typed={0x8, 0x80, 0x0, 0x0, @uid}]}, @typed={0x8, 0x2d, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x15}}, @nested={0x68, 0x30, 0x0, 0x1, [@generic="e4cb245f1ce1ebb8346deec8d1b3aa5971f63c47e7771c400f4228833277992667356c4a153e489aa30af4e5083d2cb146eb50355c7cfa0697b25faa0091302cc721f3a8fdd8ce30f5a01ed436177894f489fe85", @typed={0x8, 0x3c, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @typed={0x8, 0x26, 0x0, 0x0, @pid}]}]}, 0x11ac}, {&(0x7f0000001300)={0x24, 0x10, 0x800, 0x70bd29, 0x25dfdbff, "", [@generic, @typed={0x14, 0x2c, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}]}, 0x24}, {&(0x7f0000001340)={0x2fc, 0x42, 0x37adfed280ad0fd5, 0x70bd2d, 0x25dfdbff, "", [@typed={0x8, 0x6f, 0x0, 0x0, @uid}, @typed={0x70, 0x10, 0x0, 0x0, @binary="68371658e523c0cd72ba8d86eea188f1926718310269a5e772a839c4395d6da3cd0ea149657c5345788e1bf189ca999adb5d2c507e5f7422da28ab915fc816f30d952a2bce6daabe9d3e1905a153f3fa6cf0a2ae34ece633b2413e4fa5ba19cc32e9df06dd719ee10595c2fc"}, @generic="d1126d692de030e799795da5753dbc1b6a2b490e5560008fc1086352161a1e1e01b50da9c9d70e1ae5249111b0eed23a38b662462dbcdb111f064563a12224c7435a970ceb8fe74c6ba11a26a69cf2f736267f3ff4964d6e4a5af0bccf967dd97a618b7b097cf5920992d3213bd7763472529cb74a01ebb53c9e773860a4eb5753678b4a43543cf9e4ce70fc25cb83fdf493f173d70a7c1a4fc844e35539192ed667f720", @generic="3d50a72ff052f155dbfc9110ca22a16b8146f8ab1ea7c01ed9e5522583cb7149695cc6decf11a07e99a503b71237911ce1c1be7731089e08767e85ec9a76fdda0ab2e94c0648c88b1e5a643ed8c5d93a5d70cea9253e79a48f405cfc80047d8c4b207957303df254263292896b39e88186bcca07981044e9ce42328e22abfb4c688c6edb0918638f5f611611105b82c16e0846d7b4591948f014461acc88c4b847025ab55ae99a9b409216fcd1ac7ac0a93ab16e3ee1fb766ad26a3feb0a5d49d0d3a7c62435090eadfb25c823bd1750d881c575064c6bc504062e648749372b8c727367b80bd77ff2b394", @generic="0ff0fbe65ef362d0ba74a4ec97d3c3ca461e3979f9f86576ad5731c4", @typed={0xe, 0x2, 0x0, 0x0, @str='/dev/ptmx\x00'}, @generic="df48d9ba300c73988f10c9948bb8d6dfec0f3d62a0b050f3fef88decd189f374e52518a04acb710b796d829e70d51fce63a8ac68e8b76790a08bd5f8db2fa44f5ccde3bf37827322a92b17c90b88", @nested={0x67, 0x3, 0x0, 0x1, [@typed={0x8, 0x73, 0x0, 0x0, @fd}, @generic="3c593a212cdcf637e755fe1191f87abe56138cf21c41b9ebe59ca033aeba1933bc4d12e820103684105e54521d7084ccb2e348d77267abc971cb11201031758131323cef9a49a542ba40c1700e1562095a2843", @typed={0x8, 0x6a, 0x0, 0x0, @uid=r2}]}]}, 0x2fc}, {&(0x7f0000001640)={0x238, 0x29, 0x100, 0x70bd26, 0x25dfdbff, "", [@generic="4f76f33e25f93a9230037359f09faa41cd038b5654adaad4bb34df743dfb6db832", @nested={0x84, 0x45, 0x0, 0x1, [@generic="321e0d260ac640cc9b5498e89c2a14f96191f80c5efb5a6b2198305f3b2915af0542caa58755d686a349eacce01a23010906a50bb5973c537e6dac7d334c43c9628651998319b43740eaa1e02cfc4d0165d43193dab4954ac1dc03181224346bce0be67d71c44509c7feeb7f34cbda18832fe6411aef4f3f", @typed={0x8, 0x55, 0x0, 0x0, @fd=r3}]}, @typed={0x8, 0x32, 0x0, 0x0, @pid=r6}, @generic="1eab0d146b12c542c18908e4eb2cca93ef28d8cee3fa11ec32bebf8df1c77162495aaf0f02270b96d071140355e8c1b7c41ee35b433672b9e4544f172293a24c83e5023a62507393c1024a59534705398f2a47744fa9897c2963fa9af1dbaa25a90899d9bb5d82ec941f7aa22035dabfd9850bf0e22904e4b87613b46da6e60430824b8b8f9500ba2b22a4931553e53e4cca27afcd025aed6a80ae9390", @generic="ca7ce8236e4333c7ba30a286f6045ce254bb7b2a1bc0ba4407cce16a9bc32e694426e4c07d539d281a5cbdc7054e5379516ca60b4dafd1a2c1448d05a52baf264ed102620be00f7d328eb1418caad482e7095c702567a50c659bd57ad28d03b34b3c01fb2d6f37c16be4a311bb66c7691c3151b08bb43eff52c9cb170a497a9ee810e19543292856f4b50457ea5606d237743aa4a956df62a476ce0927ace73f984f52c5e42236a080ed727b46a5e985914a95ccffd4f6b16b90d623a15a6bbfb204e5d09d054e8f6e732dc22f9d752ffd5bd657dc56d689819f7a"]}, 0x238}, {&(0x7f0000001880)={0x1c, 0x25, 0x400, 0x70bd2b, 0x25dfdbff, "", [@typed={0xc, 0x8e, 0x0, 0x0, @u64=0xf61}]}, 0x1c}, {&(0x7f00000018c0)={0x1b8, 0x2a, 0x20, 0x70bd26, 0x25dfdbff, "", [@nested={0x1a5, 0x2d, 0x0, 0x1, [@generic="e5052defd5e9963710f019258dbb4446c2e8c77f48e397c6c31ae5969e827be912ee3897bf9ba26ae9a55b4c87c36ffc796094ad59bfea45cc44e86c1d486edec18749575bcfc6b270a9d494a4778d0926cffb55d1b23fd22a0b5ee1417a92f6e42e3d7981c9afd8a2c9a411caa3c5991f702939a94c1cbfcd6bae2928156248e30de78ebde41ee44308319e5f00dfc417b73b7375c1506cee5ae88ad3c8cbaff2814e2d011e89a1ffbf89ad6ad87fe8eda6fb95a2d0e6181a7403237dd632a6b378fd18", @generic="97bf501d849df2a81fe450665a73a9f0cf26334613101702801d53776c3918f5071cf3b21baf19673996952200652c2510cf8178cc24697b7b5f4edd9bd915773712517fa75f44f98d7e1127d183eb3d7c755cbb41d45abd9f332d687512d980f1a18d96ceba0dc5aeb1cd1fda1db6a0fe4d3e60d677a2842a40812c7617f48219ae116acd2d9a9c0b06dbe3071f601e1a2bc2157aa0f1275eabe813895b76ddeff879dc60444d5aa17317bdeebb0d73835b89d30081f00b6aa5850bfeb47bda1f7319a7af2456859a094ef28aa0784be54e603a82", @typed={0x8, 0x86, 0x0, 0x0, @uid=r8}]}]}, 0x1b8}], 0x6, 0x0, 0x0, 0x4010}, 0x2040098)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[  963.362967] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  963.362978] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  963.362986] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  963.380064] Bluetooth: Unknown HCI packet type 50
[  963.383516] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  963.383524] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  963.383531] R13: 0000000000000be4 R14: 00000000004ce08f R15: 0000000000000038
[  963.385485] Bluetooth: Unknown HCI packet type 50
[  963.421462] Bluetooth: Unknown HCI packet type 5e
[  963.430670] Bluetooth: Unknown HCI packet type 5e
[  963.468314] Bluetooth: Unknown HCI packet type 40
[  963.489837] Bluetooth: Unknown HCI packet type 5e
[  963.506732] Bluetooth: Unknown HCI packet type 43
[  963.511626] Bluetooth: Unknown HCI packet type 5e
[  963.518991] Bluetooth: Unknown HCI packet type 50
[  963.524370] Bluetooth: Unknown HCI packet type 40
[  963.529276] Bluetooth: Unknown HCI packet type 5e
[  963.535536] Bluetooth: Unknown HCI packet type 40
03:50:24 executing program 4 (fault-call:3 fault-nth:57):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  963.659812] FAULT_INJECTION: forcing a failure.
[  963.659812] name failslab, interval 1, probability 0, space 0, times 0
[  963.672987] CPU: 0 PID: 15513 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  963.680908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  963.690295] Call Trace:
[  963.692908]  dump_stack+0x13e/0x194
[  963.696566]  should_fail.cold+0x10a/0x14b
[  963.700743]  should_failslab+0xd6/0x130
[  963.704731]  __kmalloc+0x2e9/0x7c0
[  963.708275]  ? __list_lru_init+0x56/0x650
[  963.712423]  ? __list_lru_init+0x67/0x650
[  963.716587]  __list_lru_init+0x67/0x650
[  963.720664]  sget_userns+0x4e4/0xc30
[  963.724391]  ? set_bdev_super+0x110/0x110
[  963.728552]  ? ns_test_super+0x50/0x50
[  963.732472]  ? set_bdev_super+0x110/0x110
[  963.736621]  ? ns_test_super+0x50/0x50
[  963.740509]  sget+0xd1/0x110
[  963.743529]  mount_bdev+0xcd/0x370
[  963.747074]  ? msdos_mount+0x40/0x40
[  963.750792]  mount_fs+0x92/0x2a0
[  963.754205]  vfs_kern_mount.part.0+0x5b/0x3c0
[  963.758696]  do_mount+0x3c9/0x24f0
[  963.762248]  ? rcu_read_lock_sched_held+0x10a/0x130
[  963.767379]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  963.772257]  ? copy_mount_string+0x40/0x40
[  963.776623]  ? __might_fault+0x177/0x1b0
[  963.780687]  ? _copy_from_user+0x94/0x100
[  963.784825]  ? copy_mnt_ns+0x8a0/0x8a0
[  963.788698]  ? copy_mount_options+0x1ec/0x2e0
[  963.793180]  ? copy_mnt_ns+0x8a0/0x8a0
[  963.797063]  SyS_mount+0xa8/0x120
[  963.800522]  ? copy_mnt_ns+0x8a0/0x8a0
[  963.804422]  do_syscall_64+0x1d5/0x640
[  963.808318]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  963.813504] RIP: 0033:0x45f2da
[  963.816686] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  963.824403] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  963.831674] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  963.838950] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  963.846218] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  963.853480] R13: 0000000000000be4 R14: 00000000004ce08f R15: 0000000000000039
03:50:24 executing program 4 (fault-call:3 fault-nth:58):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  963.939174] FAULT_INJECTION: forcing a failure.
[  963.939174] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  963.951056] CPU: 1 PID: 15521 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  963.959011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  963.968414] Call Trace:
[  963.971006]  dump_stack+0x13e/0x194
[  963.974638]  should_fail.cold+0x10a/0x14b
[  963.978944]  __alloc_pages_nodemask+0x1bf/0x700
[  963.983609]  ? __alloc_pages_slowpath+0x26c0/0x26c0
[  963.988655]  ? find_held_lock+0x2d/0x110
[  963.992711]  cache_grow_begin+0x7b/0x410
[  963.996760]  kmem_cache_alloc+0x695/0x770
[  964.000908]  ? __alloc_pages_slowpath+0x26c0/0x26c0
[  964.005956]  getname_kernel+0x4e/0x340
[  964.009843]  kern_path+0x1b/0x40
[  964.013194]  lookup_bdev.part.0+0x60/0x160
[  964.017427]  ? blkdev_open+0x250/0x250
[  964.021310]  blkdev_get_by_path+0x70/0xf0
[  964.025461]  mount_bdev+0x4c/0x370
[  964.028993]  ? msdos_mount+0x40/0x40
[  964.032692]  mount_fs+0x92/0x2a0
[  964.036049]  vfs_kern_mount.part.0+0x5b/0x3c0
[  964.040544]  do_mount+0x3c9/0x24f0
[  964.044074]  ? rcu_read_lock_sched_held+0x10a/0x130
[  964.049088]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  964.053937]  ? copy_mount_string+0x40/0x40
[  964.058175]  ? _copy_from_user+0x94/0x100
[  964.062322]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.066220]  ? copy_mount_options+0x1ec/0x2e0
[  964.070707]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.074585]  SyS_mount+0xa8/0x120
[  964.078046]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.081953]  do_syscall_64+0x1d5/0x640
[  964.085889]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  964.091182] RIP: 0033:0x45f2da
[  964.094366] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  964.102073] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  964.109427] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  964.116701] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  964.123964] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  964.131255] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003a
[  964.140758] FAT-fs (loop4): bogus number of reserved sectors
[  964.146757] FAT-fs (loop4): Can't find a valid FAT filesystem
03:50:24 executing program 4 (fault-call:3 fault-nth:59):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  964.256390] FAULT_INJECTION: forcing a failure.
[  964.256390] name failslab, interval 1, probability 0, space 0, times 0
[  964.268250] CPU: 0 PID: 15529 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  964.276284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.285652] Call Trace:
[  964.288259]  dump_stack+0x13e/0x194
[  964.292029]  should_fail.cold+0x10a/0x14b
[  964.296199]  ? set_bdev_super+0x110/0x110
[  964.300346]  should_failslab+0xd6/0x130
[  964.304384]  kmem_cache_alloc_trace+0x2db/0x7b0
[  964.309150]  ? lock_downgrade+0x6e0/0x6e0
[  964.313335]  ? set_bdev_super+0x110/0x110
[  964.317504]  sget_userns+0x102/0xc30
[  964.321230]  ? set_bdev_super+0x110/0x110
[  964.325399]  ? ns_test_super+0x50/0x50
[  964.329315]  ? set_bdev_super+0x110/0x110
[  964.333468]  ? ns_test_super+0x50/0x50
[  964.337370]  sget+0xd1/0x110
[  964.340408]  mount_bdev+0xcd/0x370
[  964.344075]  ? msdos_mount+0x40/0x40
[  964.347814]  mount_fs+0x92/0x2a0
[  964.351202]  vfs_kern_mount.part.0+0x5b/0x3c0
[  964.355724]  do_mount+0x3c9/0x24f0
[  964.359319]  ? rcu_read_lock_sched_held+0x10a/0x130
[  964.364348]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  964.369216]  ? copy_mount_string+0x40/0x40
[  964.373469]  ? _copy_from_user+0x94/0x100
[  964.377667]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.381579]  ? copy_mount_options+0x1ec/0x2e0
[  964.386088]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.389990]  SyS_mount+0xa8/0x120
[  964.393460]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.397367]  do_syscall_64+0x1d5/0x640
[  964.401282]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
03:50:24 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x0, 0x8}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000340), 0xfffffdf6)
sched_setattr(0x0, 0x0, 0x0)
readv(r1, &(0x7f0000002340)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1)

[  964.406515] RIP: 0033:0x45f2da
[  964.409716] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  964.417440] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  964.424732] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  964.432091] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  964.439402] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  964.446698] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003b
03:50:25 executing program 4 (fault-call:3 fault-nth:60):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  964.570063] FAULT_INJECTION: forcing a failure.
[  964.570063] name failslab, interval 1, probability 0, space 0, times 0
[  964.588487] CPU: 1 PID: 15549 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  964.596403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  964.605750] Call Trace:
[  964.608342]  dump_stack+0x13e/0x194
[  964.611984]  should_fail.cold+0x10a/0x14b
[  964.616164]  ? set_bdev_super+0x110/0x110
[  964.620309]  should_failslab+0xd6/0x130
[  964.624271]  kmem_cache_alloc_trace+0x2db/0x7b0
[  964.628937]  ? lock_downgrade+0x6e0/0x6e0
[  964.633084]  ? set_bdev_super+0x110/0x110
[  964.637221]  sget_userns+0x102/0xc30
[  964.640924]  ? set_bdev_super+0x110/0x110
[  964.645061]  ? ns_test_super+0x50/0x50
[  964.648938]  ? set_bdev_super+0x110/0x110
[  964.653077]  ? ns_test_super+0x50/0x50
[  964.656967]  sget+0xd1/0x110
[  964.660025]  mount_bdev+0xcd/0x370
[  964.663574]  ? msdos_mount+0x40/0x40
[  964.667276]  mount_fs+0x92/0x2a0
[  964.670631]  vfs_kern_mount.part.0+0x5b/0x3c0
[  964.675150]  do_mount+0x3c9/0x24f0
[  964.678680]  ? rcu_read_lock_sched_held+0x10a/0x130
[  964.683682]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  964.688547]  ? copy_mount_string+0x40/0x40
[  964.692810]  ? _copy_from_user+0x94/0x100
[  964.696944]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.700827]  ? copy_mount_options+0x1ec/0x2e0
[  964.705337]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.709210]  SyS_mount+0xa8/0x120
[  964.712649]  ? copy_mnt_ns+0x8a0/0x8a0
[  964.716540]  do_syscall_64+0x1d5/0x640
[  964.720423]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  964.725618] RIP: 0033:0x45f2da
[  964.728804] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  964.736506] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  964.743774] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  964.751053] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  964.758439] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  964.765706] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003c
[  965.102059] Bluetooth: hci0 command 0x1003 tx timeout
[  965.107440] Bluetooth: hci0 sending frame failed (-49)
[  965.172098] Bluetooth: hci1 command 0x1003 tx timeout
[  965.177600] Bluetooth: hci1 sending frame failed (-49)
[  965.183567] Bluetooth: hci2 command 0x1003 tx timeout
[  965.189113] Bluetooth: hci2 sending frame failed (-49)
[  965.492016] Bluetooth: hci3 command 0x1003 tx timeout
[  965.497411] Bluetooth: hci3 sending frame failed (-49)
[  967.171915] Bluetooth: hci0 command 0x1001 tx timeout
[  967.177285] Bluetooth: hci0 sending frame failed (-49)
[  967.261996] Bluetooth: hci2 command 0x1001 tx timeout
[  967.267310] Bluetooth: hci1 command 0x1001 tx timeout
[  967.267379] Bluetooth: hci2 sending frame failed (-49)
[  967.274096] Bluetooth: hci1 sending frame failed (-49)
[  967.571950] Bluetooth: hci3 command 0x1001 tx timeout
[  967.577278] Bluetooth: hci3 sending frame failed (-49)
[  969.251877] Bluetooth: hci0 command 0x1009 tx timeout
[  969.331891] Bluetooth: hci2 command 0x1009 tx timeout
[  969.331927] Bluetooth: hci1 command 0x1009 tx timeout
[  969.651839] Bluetooth: hci3 command 0x1009 tx timeout
03:50:33 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:50:33 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), 0x0, &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:50:33 executing program 4 (fault-call:3 fault-nth:61):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:50:33 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000091fa8)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha256)\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendmmsg(r1, &(0x7f0000005c40)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000980)=@hci={0x1f, 0x3}, 0x80, &(0x7f0000001a00)=[{&(0x7f0000000a00)="5ae1743d7b6ba7c49a3d41ff8ed11f7f7681450778be6e58411a70e41b03c17c913c93aaabef28f888e8730ab0df668119f3af3e712f3f3bd7c021b9be6b3d6a548cc4bc21a71dc66084361eedf3600f7dd5230f27dad6d8d90e9df8c0ffe43a427514c1a452be113bb1deb642a4e41ad8426d844328c6c6d0b096ffa27ce02f4980d2a9e185b8e95696aafbe3b47ccc2932a759b50bc13e4faa7a81ef5dab9fb98b797eb06112313d95c3da3e2fd8f977bd54d33c1d9c5fe8f9dc999457a53ff04b8def490686915643bebd9237dfc96adb4b34ec0c22f67e2f9a61d12f0c66405300628e5ea4a239a7741e48aea3a38a3d2f0e31a9dc15af865a719124dc60f2407da035913205d47d7a69a8609ae357d57e7ae2dbe6206a0af0dac9fc62e909dc0366b226b08b9e1ecec2d69e4ff06a00d34c7b39568ed521efd29dff8465c607c593b84be6fdc9869f656261f0412d8ceafb140005181ec271eb27b70e7e5a447a81295016a813d92e5870ad85c44eff6cf4d474cb84e81b6c48b876f646ddc2bf200006aa8ee05bb16544e4bc0f2b267324cda50dfc7c283c886590820f251282610f8fefa4d0882b54751a0a1141b5da8a93f2b8c8f59a0d55b26693c7644b3944abf0024a3aab833df87247bea4ca1758d195619d135f79074cb98e51fc5bd6303ee6fd691549b0e87778f2412a8ee23097897a93aecc6cdf915b2322117bda697b19edd7483695a048d714167d04e91595157e0d5d7f05e01b2f9451f7d94cb2ecc8415fe6e2d45546e1fdc384950f588c8c7ed7b38d2272ad984859683a8763e6e19e87c24108171ddc3acbd761631f2108d4e44304f6c0eeaed64a22a2c96667bbc59f5560c100bd463785ff9f4cf24098a958c384be4a5b312a1601e1a917e3fc6c546c5c261d281ff80f3a8d0030504042824e021470d1824f109bf0e394cbeb6b6d80b2472a7bc59fffe44922a93be667c8b26e81eb545a544c8655767fdd5204f47ad3504ff996806b0ad2d07c6d72b7d3fbd1aa25b9d9a2903e7774f8de8a7fb733be5b5cbcc886b884a3b58b3b00254d1490ca9f462318accda30d9391a9bab72871a7aa0f6a559be0664f17861779d5d125cf29f7ee1704620bf4321b1ba6d4501c3d9817faf8fe2d420d38bf0ebec08f8144a68553483d1785f79db6302fb87f28ac6a20513bd2969848b80dc3f74d0e1db3993cfa3c2d0c550298b1530da961bd6d9f2089922e20a01dab414ddc2faa463a8bfd1f3041610306ff19f0234777924694e8ab229416d42e25503a8b41755c2ec41cac85bf170020b97c363d0b09ee6776d2c1c47c9d86ecf794d1038a30f19e6ee28a44fa445fcb4bfa528e7ba2e1c7f199d91fa34bf34a4bf3a8d6ed10e71c08c6f0dd5d2dcaf2d0831700982ead36ef0976e8ceb7b19b419dec86fce07046c1ec3ed7accb0605c51b2aa4f6d63fe43fba51345961a72da1854a72b05136c75911a232bae619abfb088962b4815462c79b3fadbbcf7963c5c87db9b934c9238951a64cf45a03724b1fbd78d4093f69bc1f789472cbf9b58e2731c3dd85eb083dc644744d4e7101c3d2fa9b3f83a3bdfc705011ba31f56a97ad30606b29679e88ceb5da89076c53097382acc3117f9c806dfbe3b4d6715b928b98c7d6d49904f32c30058ace9e381406efc24e837d734ca057785c207a2041c1511a8010ffae5625a80be61f67ec53b2597159eaf1f25bb5190f449a90510be3a3aa52ff602b2323c3ef2084f50b2e4860fc434936044428beff17ea2efa4210c59a4f9a431e0772588784be9b46672c085a06af279ac2878c3dbcf5edb041ab83f35764572b39990e9dbbafd8270af38a3fec83a186c1f0910e3d8cb696186ec05c5d862b7a1ba03ed0eb324471424f4835ec789026e051d75fd198108fae4b440a8c64d4dfb0df37246215d88c4738e2e8ec4f2c9617a81cdf54b39e8988db4cd06c6453cdb5ea875573c5262885b35404b0876600b583c6b307cc15a4121832423c44562621d4b539fa39ce0e11c3bb5047fe8104244568039b23175645d7fd3cd06b3616af47dd8484b12313d195cffa7c3d7d9ecfdfb7d62b873c132ea08f891b9f247def7be55a7148a0906afb06eb21e445f414ce455806f5b21a5c69d3a2729f78fa21f1ad7d17180be777794ed1a33e02baf0c836d5240baa92da382f938af74e967c4ccc87811bc038aa933afe96392b49c412b9b2e9affa231ab3c9774fd3a0aa4cb1cdef3c077e8719306e588b0bbc1b8391890c879dcd850e2ed645155cbe51131e29842ad79dd5aad9f03ae1cc491499011491850a437a1291aa923a231685a7b9dbd6c56d5e9991113d0151c1c61b69f5974224ec29ecf0026c0e397aabf0525cd0bb0e0b3f60c4cf91064c7bae124599692704f4ef5d35438699d63206bfcb68b9b5520d25da2940723dbf73293287005897b67a1bbbc101f53b24e4dc066c84ba41de97da4687b04d529b9b3ba5eaea5f9a31e2a3331c02c3ddc0bbe9392145d4d027a42dc7214b2b2225f012c49b7969099e92384da9c894cee2a3ed59df99d41df48bf8fe4534a9887d7beaaa4b965c1021126ccc1b4e3e8dfef6644e6c8802d936deba286b7aaf0dc086d8e4d20ab1e5da6b02c198dfcabef3cf29c48ddc180eca22e334b21788dcf43df780d89f5ce5791888de812dcd489f39f782aea89fcf405d314e6d9dd19615dca9d87638c818627c037707516e9a877d3be2bba7c58374685e6b3c39375986c9a08b422abca1531e9aedac08da1d6b205a5ef27cbecb3ddd813695182b73e802c91e67e7470d69f096adb57610dfa21340df1c0e55cb5cdca3a16e1506a6c28be4928a3338c20df33ced5eb9f38996f1c15c799f245ad3fff1b5f6d7530adb41bf0d7f89496ff33efb739e1f87fb8d5c07c20b78feeebbc1a609e279c2100c5f42bc399670ffa5319e269fd4bec528a1f9da2631f1cd58c2a2d7c72239607144ea791db2e108cee8f816913f1c22ac3880f9d67f88c8fde553793ae6b16efdf6891a8dc4b13d1975b5be6de2aa12d443d374cda526de013a503272bc2b6382cb82bc94675a887e3a814b013714206ab687f58944280420e1041da776aaf9a54398bf7445b34d2042ee6d9a127e4db6441bb3aa6baee679f0f444c69d43bbeab434f360060e43d5815794c83faa6697ff8870d842be0d7bc88a27bef27762a1692eaad4b45079b886c994a4db233f206e7b36ee5bee46cd4c5401bcf0c03f05450407f6e2c7284ec25d27f87d70293de2008a76383e9b7d191925b3115c476eb78e8ec26410b469d77c670bd8b4e7f4e866af40f3d74e97807725d7ec2659616447e3c585cb23b0fcf5beda8bfff91b5a7e0cbef18208adfcb01a61bc614212bffd1c733f89275b3533fd41ceb59311ea4f69b361e2a6c81274faf3166b288ebeed1e0b29b548f06e076c80b0492a59e61aef45964090673963edc6b144d5a6429a59003a29027023a29dfd71359dc8cf08269b8d537e700477a18423ee738aaec5f453065127fe01cf757194e6e3f4e136e29bffd54fa107cfc53199d6c04240d7fea9a05b218a7f3f92792d8dfedfdc4bea519a37c5e216f105cddc35a909c1fabd60aafc4264683a0009960d2b5f60a3f683b4ae0506d0f9f23f24f1592c06016872be46a78c13c6ce9bc3f1ff5aaf97ab9c172f6d910c78eb7d127e7772d97af1e278b6e542d46dd6dfca76bd4b22c1c083e9df9e23a2b2ec962e95db3adb68fd9507617646a86f4e39e9b8ef9e1a810994712e44e9013f167604dfc1f353a689ff246187d8663813cfb2dc94ca8798134ffcf70e0a9345ce8eba10bb6e446038a1269f0f79604ff52ce3d3f00e273c70d9890327e8c39cdd83aedf329352e996eb4dca6df325c3e4832f35c2b65d2292997ae452624f3441319df768ae779dca49f68854892252d1fc46b94076c9366142d1a57c03", 0xb00}], 0x1, &(0x7f0000005e00)=[{0x38, 0x0, 0x7, "c0a59510620a6936f59a8b77c95773e329d44033c57032fc85e6507100a578de156f"}, {0x50, 0x10c, 0x3, "a2292e86be22f18406bc7bcbf4906cd8e789cc22d78acd0926772a32cc19874eb6fa8e4c7d860b6229efd474b64ce4e4adda21435e11c79e8b"}, {0xe8, 0x112, 0x8, "5a9c9287979a20d0d416407356c8fde61868cae75ba779aeaa4850f02608fb57ff408286876345fd9352af90067928394ce62aa953b246c2c5f86fe3e43d77e77c75baf0e58a34ff1dce00c5f076e1aa432866f9aeb6d01f955330487cab9fe84fbfe70bdc5f917d67e5a77dfa24e42117647fd95908f4d0d10dcb3544bb23b7419a41f98a83010b8aafb63ff3525e926dac2157be316deb33329f6091f075c0d208232a808216b67d080008f46df7f954ae6c799e1548cff5d3d1b6ae5c39823e6686143586d7c4bfe44be15305e824cbbdb87f"}, {0x110, 0x10e, 0x920, "b2d5a7255ad5beb835f9265029e405ab9c66a8dda71b91c60e82c219e95298ebe5ebb7ed572f335002049bcbee23af8c214ad5a7391a49cf1cfd7e86a06c8df921722776667877698e07bf41cbc0458aad8525aee0f18734fc04a6f4d7d53cefabb8fa3e8f9818fa77b4e1030000002b5fe2888120932702b0f0fd53a42dd87638ab73572d788f45f8413bbafb5366c06569ac797a0d5383aed292bc3070c6e532b495bee6526862794ae353e8ee2bf47d26fe36df40d797826d73ea7033c1c3445ec6b1efd42853f5112ebdb71a026091aaca31dc6c838579148c4de336a542f6be2bb66a2cf84185561ab848c5e409c169bdd9e3292db244cd75b18c5dda"}, {0x68, 0x110, 0x80, "53edb1ced41e3886a4e1f90bcf7dd9ceb38ab491dea5f91c9247e50930c40bb452c170efa89cc72f80dd996d4dd91816ac5ff3c2be6231ad5aa43c707a66c352946e3d3ef41daa6eae13cedb63b4e53d6089d5660f"}, {0x28, 0x114, 0x465, "55763c5a0dc311b8e84f9eb5663e81e1e953cff919"}, {0x30, 0x111, 0x3, "7693398a63c577bde77923a2f1683e422347c5508b46404020"}, {0x60, 0x0, 0x10000, "d3692df70eb031054d09c1d01833ab3bfe050cbb9ad6dc6ecb4c06d24ff31dd4ed980c92e1032d668ce4a8fc9f2a79bab00c6e141ba4079e77023fbcc86820e64114b55ab6dee7a1f1769b"}], 0x3a0}}, {{&(0x7f0000001e40)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e24, @local}, 0x3}}, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001ec0)="e21fdcb50d90026e8e39387a443640f8609aeadb1199b0de5cc4b52f991aa5d7a4e26049467e31013415a7705b484ee479e43ef4", 0x34}], 0x1, &(0x7f0000001fc0)=[{0x38, 0x102, 0x4, "96d6d9ca7311ef9057a0d23e88e5ae3a0f7b65df3e75dbd3dd77e69da1d93fdef20b3b76"}, {0xe8, 0x110, 0x0, "8248ae3af2804c22278744bc11529fc4a1e01151971cc9effc4d7c33b8304fa2a1fb4aa4f99c71782ecf08efa557b073d1a7b8e7f989d2f3449dc38ad60d5325e8e725d2c68d849c5942124563831fe1747f0f18e50b1aa389bca2f6fee0a63d4bd52ec12b5fb8c7e1f44c6229aca62cbd846ecf5acf4b8e0941d4b3a03f337d623f6d9916e108af06b0eed709f1dea486fc6621e7f88badea103c06dc5dcff2ddd7f9c4110efd4786f3cfd49357709f77ac9f7738394926209943a52c15253b3ef887822b7cba283dc17df7c6e79d3dd3aa14d64ef3"}, {0x30, 0x113, 0x360, "304275e3c48300471764870d1cf0d2b7b7bff21d04f248f4c32c90b598ae53d7"}], 0x150}}, {{&(0x7f0000002180)=@l2={0x1f, 0x0, @fixed, 0x0, 0x1}, 0x80, &(0x7f0000004200)=[{&(0x7f0000002200)="cbd2ecbb4912bb4a62548ecc5117efa514244a0741b97c70e864af3fa61bdb06e3897ce87b101b2d78862861e0d5ef530f35b442d8a49602dc64983ae06437c9a50f522fe678e4536d637f9bf83391d9873fee85eb0f50f66d090b26f44bf658ae70cc716fecde04a0e42b7dd9573e915c6a5b9e857adccb6eacb06b7471eabdeb1f85857a8eebce58343425ca7ea453e974363b032b7e20ce8fc3b340840f346d3ba46f780944f91cfe9da5aae0472c46d0272a90185ca902deb6368c0f0fea0709eefc5b4ebd649bc921be363e8046f04f2516c8eeb50620ab5681c0100b9f290b652ed879e8417dc6b16b366566b595d43a56177fcceccc72bd9c3cc76736f1517d077fdf3a039582a7666242cc7da1aa9db6745c8ad96be73b674e9ac5299895706d2fc9fe39813a0473e0862c2d9d00526be4c88c4fe6a8d6cb03db1f944daca72d71a7ad86a834150b0c871d1fc22fe24674843c6e297ab6a583df58649f15c38bdf2e219659f128ed9a745b0e3dba8b6ffb2b8ed402808a68c8af85ffbdbc2223807ac73ef51b52dd29f9e0b917bb6b148ebb629e6f9768b18709ec3e6acb7de642b319562ac06d67393ceb301b65c6525989454bd57acd8f8282d90b3e54cd6eb184e8313c5a4e56ad38ae87224053141df5916291b0ef5cfd2ec502716c094e53896badcc084893556b24e1ee1ce5e8cc4be250d301d860b3713d2c15d6057dccfb4450ed148a212449e45708a8083df99ce32d4b8945d3f617db7ad078eaa6bd406ebac90d6ad6971be65aa829cc0f169253b8af76f265603c5f450e6f798fa90eabe82ca9b459426e9ca5704f2ff159d3ae838d19357b2afec9e9f2afea2b582fcf9ec3b84708bd73856d88ea1c05455c9e09fb0930ce08767a3f97b9a2067f1759065b2be26a3eb803953571fffac8177ca3a38d56324261c285c96aeb518d720fcf02ee3360e419e2747d595169f593aa875f36e662b3309599a1e7d7353e388de62f01f7a7e6c113367599f352e98d4f56ddedc6c3c898f69aa6a8c5cda308c3ea97c5d6b9dba182af77a8a80d79d2aa3a3c8fbb8818649f911c928c5ef11044ff4e70a68340fb9d84fc3d00959529a5472ea44b16313333eb61f6a5648cb7017ef76d487b11775dcbc9f68fb29473468e651f8f2be7a2ba10650d57a589fed3d07e60e229cac7f1f41948c5910e76fa775bea46f021aaa58ef7ee56aed094d74405347f97bdf67c6a938f655f88e3083a86ff2096a2839c1d02f8584cce43952044ff7d115535a3183fea2586ce0c663faf32f7e6465e4d5041dc9e70a2759d25d8b99962ba5f8185b4abb15fd5c9e1384ab994b7403d7d828941e5319717290478872481d60e3ed3532c57d261cc0d9067b96ac0566cc0d1f297bd73ccb0cc45722fcaefbca8510e5511bc538905a7328200775dc3c8dfec7bf58eebc09328d5faaaf7f5c40395bbf7e3e5e6e8375c1a791cff29051906dbd9c9abb1197d5ae1a17dfaf84fe0ba562bb40bc25a1e1a932fe6ca45aad77acf37d344e33c00201397adb2e5970b83a82d4bf623f06c4ea6d257c1959a08f307ca1ec6928d53c6e88ce50c6a390501ad36ff2c504bb4c222ce4a0876af98714ce37d35239ff69dd247f0d6b7b189dd4446cf086ede22fb44963764dd4db47ab187b879ce9479f492e8638c3a55e304bda071cdf84351f82b3e0d34c361834873349fd70a8ea468a5f192c1512ac5ab066da6472a8d3621240da9552df7514dd68cf632d6eabad368bc4924a8795901f643f292858b49546fd2c8620d507f2e1a7840634ac698d5a921b5605c76a63c5d46cc5e847e6a1a870ce00daa265a9c36a3ce18231e761d8b1b71c3e6eb19507b75cc1c953e69d437cf6740c390457a60fef181aecb1d08b25805a0a5e62c86f277e0e0bdb5e73a5da35235ca49379da03ab9aae834356c9d1779da0291388cf044cbb35bbb329af58cd7fb3d9d6df162a4db64b8084d32b99016c61aed0c643a427330ca96e68502f1d71cbd5a6b9943529e74926cb1f27aa578602fa53fa894fa4d4a88458ff14f7c2f53ade4fa71fbacf61f9d8d1a95fe60bea5f2baddeedc029afe5fed97deeea5112864d4c6e3adffc5f2156d235666238abaab629b698dc0b27c00e350fa829bb3306b07c6a942d2e26234fa286e2d296c2b1c6cd104e2c52aa03813a8d02063b56ca19af428c59f2bfef69ba76e930f3061e3b9652df063faa17af02b06854585321952abeb43133240e8460aae46679956fd6be253d072bb450ab472508bb2d063636dc61901e706cba150debc34089a48facedff29583209f921f904fe5b917a2e01c971465baf07dcdd915143b7286d04a1d58c31d17b09ebed622e062a05a5c70f168dc9c0e87566dcab7fa1cafa4bcb3c9de14c68e49c265febb58c5d1670efb38994673b2c1dfd7db0b777d3589998db3e5a7a8fad8476b514f3d63486834548b2b2ad25938bd9e568b6926df7bc9daedb10b2a7d0733d0376967ec9d8868085fdd4df04639811179d7e3e3e527ee854e0b844ab39fdaa685f354ad3b5e2f8ca0b54539829d342edd7c4dc1b22407966645fa956be6558c2cbdcb7c3c655d5934073bbae695d18c34c394c3ce6a2eac7354a12e35a5b7cb329a7a810fc9a6a77c99fccc11d5060ba2891c7240132cd90aaa245fce458a490c6b65c81415456e546b1696649c43be083d1c6b577cfd8efa6c128a32d686bb37ae4de3a3b34a609098b8c20e995e69dcdfd539684000439c785a547cee440b5404159d6fe56f06ea677e4f803931f79a6a586f3eac699f34c5898b3f661c9b097500035431c637faa4484c845f914fb98409ce7a0e832261ef666d458a035484db8e5bfefb39234687f45ec9f29aa0822ae30c65fdb80d470871483e90c1c6a16a27601239d4d27fc0063140d33d68c11bf1b46be050ea6a8e9148d380fc22c6bc6af2d3db88db5d4af3f95b5efbc3af8223ef06f710c0f59e94fb6c6395b4dd2e462f77fed535731d97741098dab2f4a1c7a3ed3ae61379807cc2f6b10e19b373aa7f27adb4c6cd326fc38bcc3b26f17bff75f976f9ffd3815b7991061634e90fc261f089965039e5af26bd73bfccc6e5f4b57dfab0b543e3682b7e53a313dc2d6a8709cba46e09b579415a489095e911391d38b7df3de5ddfc026f1fcb5188ea501286e18d8637492b437bbc33f6b01db1728a247be48fbec15ffc221e687299e6a929d67e758a3e8c74f49bf7cd0c7ff73effbaae02015a4d83a78b57985bdbefb57374f8f0a68d7c23091d679dd118e85de9abc687b72768010a883f8eb7ff7f3a1d9f35dc159460eb81911e52ad2fe2496e9db5768d697570018f2f332d166fc0776eff6f9e438fda35ee750f8cc1112b5665842440f8674b13eb3f60a6484e03011dc786c9bebafe5f2adfeb9501355ca42f431b0cc8c8dbaae05868e3bdf73bda57d02e060f3b420e63924bf87ed291cb1f360aa4db14e5cb753ff1664167047f23a12c4f40af7901845f469cf89fab9b36a4ae182e154787e5929c004fda4e337e2633a8fc74609fb2ddd48fa455a78f846f87f24ad35d1901786aa4fe015425d4850b7c4881d0f85b8cfb4847d24fe9291a1bede492086338a74cd2211c66236fc1996980a9cdbcd883f203b44b2e61dd132cb52f19bb8926b87112d21c3d8eb0e3c12c0073ed609bd7f813c1cef948a0c296cc7b02a57584e6a32d3b8ae044a7c0fbfd81c73e629b2fb15e1023d4bd307c47770f8bcd6af7b5167ab42123642b3703e44629a81e5053007b97fcbae3520731145b068e7f5c4da6a700f409382c0aa165ffc22339a5a408ea06acfe33ea17c5cc9a0ba8a6a4186f793ead4a90a154a9273b4f247da62733932ee5543e65371aadcc03a62a0f9e13ba4778c75850fd72e088f1a014c30b8317ffc4d3c42c7dfab504750566b6e7c7e45106463126d4a96da27090d1d9cd3f5099b47e4ed68ac8efe573ff249c6e6828b3cfdc1a8d9823d16626ed51f3ce915d0b3f551e02ada776668318ed88290bdc54c6d20fef634a75e0739477bd1c698fc445a7610a947280ed606f0f7f044992fa6af7d0c7154cd458f0f6406d51f22325798a9bf3aac2564b056fcaba348a8d4ec69748b62022d5f33395ebd294872f62120bcf2bb2ef2b4d4833305edf0a00fbd21a59192e1cc67546871f9eaffad58a4962a6eea2970adb70c3b268d9d11e59c7246d3359b5085b7441961bb3a5308b6904af14c595a18e86630fbc06cd7ce131e67206ec01d967cb62d10afb3414efa41cf69c6b0a3ba9639b816d2bef410f3b9f2a955b8309f0478368f901df45b6e3d1656830798581873c0510cb3480b79d33a2f002da089f5f748483e30b61c85e6a13bf3cb151e6aeadd2e390cfe0375a73d3443656a3eac722cbcb5db8af31fc55567e775695493e8d96ef28c16890196b7ce71611ba01be58ca9c7a4c9165495421eae303316761532fe8b924143f8c9df95d8c1442ff19c2484dac383ed87c27755ce3d652eeafbdbca443a7594ba0a0bcb2ecdfef9e3aa9cf0857f2cccef41bba1caffb98c81abc0b0542dd36606b8e0a66eaa019d219d35fe11a37e2422e8554e97ad1c59429df384b322e5a52afce2fe618aadccb37a5b362bd8165799c15397938005cdff54abf1eb1a23409f8dc49013dd109fdcc9d41267516f5ed0d6f89415a271d1498ee2881687b1df3017373b91157b5d4a605e22d445e63650cdc99d90aafa60b458a8422979d52d98fb6ba10321d394387c271de67a7cfa50a1fa0503feb5b18f02dd8b293410ab5772d7b2b27e4f905da1066632f795a1c0e684106b005f62e00e2f53904a3ff604163e2b90eb4695855b246fd7916305395aaa0a604037ac517064a7259888c05aa8b17d8a759b7c683267bd90ed26c9ef301ab50246ccc4f0e4a28d352e9ed36c6c5e3d069845388bf5b2a5df86502b0ea0682b42940eb1f42e48d936ca885a8da773c750c50c5f92915b1cdd361916c5e7ef9e2d643f824fe6804936dbe7c3893f62e6896fe75a26715e96e18862c7e6b9fcbec9948ac7ac17f061bf79470bd117ba2e3f7638392552f0adc26990687f8b088384eb3e63c38b6c1e8fbc040944c7ee285dbe317716e16957f57ac8df6f58653261a6dc69ddf092f9ccda8b70a4435b4fbd448dca29c5926da91d8f8ee87dc96aba5ac668041df203198af30f750b05843e0b9a456a38566d944656b5eca55231e6a609b18052796d7cc594e8ac768efd6fca7ee41e8e2d2a82a08ba885a010a8e2f3ca3f65319", 0xeb0}, {&(0x7f0000003200)="e1cb9f33b86b56538e15f07ef6a1c24473705337361e7b62b7b786ec89d113904effd29f8f2b2ff577d25da9dab4cec9d882b0167edb716d7ab621c2235b4e9d9bec4b344f096de3dc4f7d85e67f863de799cdd2d8ee8f19fcda2a22a59d4dcd4e0a21259e2b20d9a39e2c12413c27382280a8401cb16e72a784b3a49ba000295c36c4aaea33e55be997bac3470d0826cf9062bcb66f65460bf8330075a6ffaa048c358268ab80c30141832c0913d3a636a7448e5d628e779efa5b38969b263ee224460e4c82d2ded9a9845d27ea15f54dece422458e57536bafb1f4d4775751b27e0ee5bd8b0c1f1555f968fff9b916493c27a329c3880f01861a3addd427937ce10b2c977557b91cf978dbb1d5593e2b66d50f1c79cd35c119beca6599c1a593aafb3be8fcf2164e6d9375306d531f35dd4cb7029df49b357bb3e7db1480794adb52ffea9e27d0abef6d077b19d07b4accfa656636cb33c50f1d4bf64105c0ca59ec1be4b752bee08d399e3dd0e89db4e617972b53b7d3f569ec4d74628f000fc1c20ea439662c6954f64120d7aa8116128cec418a1710d90779a6dbc6786960ac3ae8b5d1f69d0a18b46235bbc88b5f8b5f740af9a2a52e957ca45baec6973cfb2112056c8680d4138b1f1226f0d60adc8640a4f4852c60e62fa86a8c7a100a8bc0ceada882de18558fd99cd2eeed90ae93934b13c6b0c43830706ffd785516a2e68e5d5886dfcee0f5dbcf42be5d52ae97e158c9e880fb99ff3158f6f24ed29e532085b640264330875cdd50e0e1e9234568dca776300a8fd5b561ec68067f6f173a426ab038cd8d86dfe466d6d82a75683a2866172af56d8a9fc643e2b146eaffb2d0bc895949b68d13ecb88679301e91233a601a09756679c36f5160379c8786a6c25b492ea55213c701422c6883c0d740e916a6e1e28b171a9c6f75466e6147dcf6af6ef35f578d5f2562045f032d7e13d644eaf377353b5aff8388179580b0fd9f2ad346445ba8bee083e7e917e43b3dc474de2d0487b827c013504c0dcf8670748a4f6fc31aa977b573b24aa16c47773e13ef8dd74b5604809b7cf37ac531fc3fccd6c8f24764398343a3affc5a3043f1ebcf24da29188c76f680a08198bde4632aa8c2297ff6261c6deb3f3ab6c099afdc09acd5f5245bd434a29360f70903f4e8c78c8603f8d4af1a03b142a61240feca79b1bfe7c763b30bfa53b936a100af7f2033236e483b751f820e181cf91c2b9df24a720781f2adae5e1a232c59791f2c77687608dba930c3709615e93e8944b7f77faa593aefdb81bc7743d5c0c2de11e652d1509292336deabf1368c6ad12c1e233027da283a12b22ceb9f04963ca2803ca80b1d3792ae8203dfeac18dc5156fec8b030a81c216f84f7aadaf3e0772ba04881fbc9d8ff6b95665f99bbc7fb8b9a29773dc0853d2ddd12f6db55fd4834b0f9a68bae8bc04826db7ed9393bf5e271045d6febc0e84adae0ab1d6d35b0776ba43866492bb266cc8b7c07d962d8e95709a8592861b3977ef6cbfb856e4232bb210264cec02ec3223342f48b5416bb988bc4b67368d2286f1a5329356f9984aa4891b4c397a672684d025118faca98ff1bcd23a0a132676d54ac6b3d7ed36cc3367afa635f438d90473d69943521965d81f84cbe3d9699c9f0052c2380f3f5f0c40c31391e56b25ae7ecab0fe829f63bdcc05bef58d6151f31aa131a97699c1a2cea90908f3c27a453ec4a1383c3e4327831f97442ca8b1fbcc48453da389b85a41ac4f7aa5e4dd707b7811bddf71e0c83d49815664874b103c7a676b277697efa80049ce6e7418de04075ef2c423227272ee2e6ad0e4960bc5c2fd7d966c828b660062dcc43d033f2c5e75a31a98fa4702cf18d0a3f02b3da5a03784eec28581b2352d0ded465e120631372c38131bf926d58694e5caab69cf973f0ca20ec838bd329f0f7ab76d76b75846d265b68a98472aa41398d2612e9e5bf357b25725a299bc449bd0e1ea7a80b6c05ec5bdd19992b9e563894e621f13e466c881de823e384f1216e579a4a0b97186d214a6da6afacd395ed2a5006141d8eacbf68492a5e4b099765785924374da32f46355be78d336b833d3e9b41c87f46c433b03a4da9810da3a5053b2135a5030d98922f1a30fd55b3d32c1bc41add7744faeedd70ddd3662b49d33234c46b8e5389735a9c817723883d120a1047d089d8ba5545fda8d8025c10952e865f69740c292f6490d9e708224e3bc7c7ddccb8c8d25c4ad8266bf5ca8d75d469127316cb73d98651cf58e4d70e0cb178d8fbb810bbf8312b661e1ce429978286357633afe6ac92f1e1fabfead84186568389e2b91d9dc70ce2eabcd5f49f5ab18ff1bf210d657d7b0283c426fd548d1572a390db471e16ff1bfdfa5f84fbb61963e5c99b8243b674e899f859f396c6b49e35cc8806a6f5b637646f6a3b5f929e0865358876576865f781ebaac9cce5add0a38a2203b3f991618797cac6cbcee27f31147be5c90dbb46f6404a393ecf2b2662c983018d82f42662377409858602b1c6ed606df029ba3139c3bf025ff363ded88626bc268e86871108b2c565b65efd91e30d9b9e87bd2fa14d45279bb5eb4be4bc4f44c4b509ab9ddeb2819c12ce7e5fe795bff069cdacbf815b120126d831b9eac842dd5881d2d4f5cbbf509a91b84debe452ee20595a4904c9f372f83ee2644e0c15aed54851e7278b2ea875781c6ae31363ad423738d378c615f753340c926a0d0d35bd999f5554a2fa6236ad788516535c78dea96c746648bb2eb15312d7d694bb6fc741471189f004696e322922a2f3e36f4f7928e2a5a9f862727c84c79bb1aee8b29201bccba8b9e8738eb93da8777de0cc92bc00ddcf5eacedbf21c69d9d99ceedf0403717aea2d489dbc23fd0eace6f3331a1faf7249e5a8b9a1f3f72acc8b61a88053ad028375b832ab18207cd5b170d1bb9f29446f060a77fde435616bdd6ec313f3c44f24b62bdea914ef155e174dee5070150b2de9c612dacf6a3e2849c6147a113eacb2f4436eb44bf0c743b9c7ad9f8f65d33ddca61e1624225a53997ebc8315ca5155e22f957a75671773b7a3fae2f5a0a76c6f5705245d432b66fae8568a32e9d053bea6066a8225ddee794878df2842d62afacdb0ea93196d24c8ea445c7885990e03eb4e7c94586bc404d61a93c06fc62328bc0f1bb0bdcc091aa7c3164e4b799485313016e43e8a8162b64b515c5e2c8fd47fde6324918ef9594dfe88fb65f62ca15c650a5eb6120e14f42d58a38900b45698827108fc8d790c3256b951164338331f8940055c8e804301b120af1e599f51d0953cd3ca40b8055a96ea350bd5b11bf4327b1f3be3be0cb92322780877e311a8ee34d5ad2f3e2636905483e755a38659f12f3995710d2ad57928065d2ed2a22a815c3cbe6c89ac92201eb01a8229894295e73454fc144c1551a6a7ea1ccb0140d443b64a5b63cf184eb4b0e0d8b13d9c4efb22d6af1a6d97b32272489b00762c2911f93ea9fbb3f155a61e74fecb3493e945b9415e8c06ce7fe8ecc524c02d87d974b18519c6b1596b39164922a0ba703dc5c9f1f406dd3e2b504dcaacd909c871f94d851f6ded4c5030a6968dd2b33f4756c499d7468743d4c5cf6ff1b907c68d8287b7f1d90a9918ae713299575b49bb249b282ab46e03d4e4d3bba5d95f5ad7c5b9b0676d1b6c21dcfd69a9e8268abc29075b322eb4de7656f81201b08fe7f64ed4f905809cdbbd2693e2f2952baf550231d45a06316940aff3f6214b4c400bf5265461fc7ed365dcd508d0a48ae4c5a97cb9841e0a7e5dbf47f479983401307a1c95c0d9830f29557af71ec2e6dff9e932db9862a1ad78bed9cc1ec28740770e5550fee8e07201d4512efb8f43e4e06512b07263c35180e50bf1b2cb7142aa0d681394f80ac35195a33e1b16efc3025edbd908d16abc3c60d9bdb58207bf949b18e558feef33c85e3a2e2e6b7f1023042f2b6388a6661b78737cc178906419ea6021be9030cb905d5b586e0594563321eaf37c06bf152ce91e3765b2035a657be25721456c311a13205d403b0a9f71cc044441ca2356bd8e2b19f97e57f4fde0ba86549b6cb35771ccfe3ea30ce4f24504f6f72a74ca2460bfa4a7492dbe105e0ebf4d66488822a1b6373e645ad5801141a4e4a50e300404eb2ea8328510119963cd619968915882cb1db5959c667c4fa60053cd82a631915de2ea206bc514cf965209cea93201fca62f6f951c787fa0a3d66e29ce69aa18218001ada9d5312d237f4a1f05e370410f9e1b4c0e0739de526437d11d5c7a098fcff91c57c416b899373cc7e9a960fd51b27ee32e56aab761c80fc686a2564aa6d52e948798222c32d927277a0c0c39fd7248060c79a9d33bceadb56ea0b47d1270289b8d6dcaf4a6f4ba2d502a5e432230d8102241202f7dd65e0e83978167eddd2659f37c88bf4113a23f1673976424a8fcacadaf5bb27a91dcdbdf417926d1cea746798a7789fcf6d001b39d68a593490bf292e8d2bb862973ab6a1d7d065d5c108dbf329b39c1a911f011200cf16e8506debd313928f495ec2667eef850a4dcce358d82a55148bb80f0a94fccd584408805dfc0d75693e0683b27e9e1f5e2c77abbd5187d960505c2dcfd24367f1102348c827f7ebdd6a79d548d63a2b83579264f4d3e81467", 0xd00}], 0x2, &(0x7f0000004240)=[{0xf0, 0x10e, 0xffff0000, "3dbcebcc065dd99278e862cc5209be0335d75c3946868286d0a7c2d6da9eb2e57653bced3fc50cdadd2420555fde5f85cc6072f0260d0d740fd583eae15e061fc468f3d61654b2ecd822316046b118b0a996f188bca4abb5e98476b88c3d4dd15d1b6ab4862a096dad48fe7a606a44b3a7361f7035b72dcd3b1bee801ecb2b2cedf03c12e757b9a6b6458a422c1209a5394313b32b23c6f6e28390bad14c4972ddf7c17897764789b5f071f85c268b5ced7016e33bff82bc1a31ad4611d9af0cb07a2ea8080c4cf0a569913937171554d4943e6d16ea72aeff"}], 0xf0}}, {{0x0, 0x0, &(0x7f0000004680)=[{0x0}], 0x1, &(0x7f00000046c0)}}], 0x5, 0x0)

03:50:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_x25_SIOCADDRT(r2, 0x890b, &(0x7f0000000240)={@remote={[], 0x0}, 0x8, 'macvtap0\x00'})
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$KDSETMODE(r3, 0x4b3a, 0x1)

[  973.258541] FAULT_INJECTION: forcing a failure.
[  973.258541] name failslab, interval 1, probability 0, space 0, times 0
[  973.283979] Bluetooth: Unknown HCI packet type 5e
[  973.284110] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  973.290230] Bluetooth: Unknown HCI packet type 43
03:50:33 executing program 0:
perf_event_open(&(0x7f0000000a00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x6c00000000000000)

[  973.305840] Bluetooth: Unknown HCI packet type 5e
[  973.306878] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  973.311078] Bluetooth: Unknown HCI packet type 5e
[  973.324201] Bluetooth: Unknown HCI packet type 43
[  973.340792] audit: type=1804 audit(1586317833.852:98): pid=15588 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/182/bus" dev="sda1" ino=15752 res=1
[  973.366607] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  973.377747] hfs: gid requires an argument
[  973.379530] Bluetooth: Unknown HCI packet type 5e
[  973.382892] hfs: unable to parse mount options
[  973.387160] CPU: 1 PID: 15574 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  973.399524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  973.408921] Call Trace:
[  973.411529]  dump_stack+0x13e/0x194
[  973.415186]  should_fail.cold+0x10a/0x14b
[  973.419360]  should_failslab+0xd6/0x130
[  973.423354]  __kmalloc+0x2e9/0x7c0
[  973.426920]  ? __list_lru_init+0x56/0x650
[  973.431104]  ? __list_lru_init+0x67/0x650
[  973.435247]  __list_lru_init+0x67/0x650
[  973.439211]  sget_userns+0x4e4/0xc30
[  973.442907]  ? set_bdev_super+0x110/0x110
[  973.447043]  ? ns_test_super+0x50/0x50
[  973.450929]  ? set_bdev_super+0x110/0x110
[  973.455062]  ? ns_test_super+0x50/0x50
[  973.458933]  sget+0xd1/0x110
[  973.461939]  mount_bdev+0xcd/0x370
[  973.465467]  ? msdos_mount+0x40/0x40
[  973.469169]  mount_fs+0x92/0x2a0
[  973.472539]  vfs_kern_mount.part.0+0x5b/0x3c0
[  973.477023]  do_mount+0x3c9/0x24f0
[  973.480552]  ? rcu_read_lock_sched_held+0x10a/0x130
[  973.485572]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  973.490398]  ? copy_mount_string+0x40/0x40
[  973.494637]  ? __might_fault+0x177/0x1b0
[  973.498686]  ? _copy_from_user+0x94/0x100
[  973.502840]  ? copy_mnt_ns+0x8a0/0x8a0
[  973.506724]  ? copy_mount_options+0x1ec/0x2e0
[  973.511201]  ? copy_mnt_ns+0x8a0/0x8a0
[  973.515087]  SyS_mount+0xa8/0x120
[  973.518535]  ? copy_mnt_ns+0x8a0/0x8a0
[  973.522416]  do_syscall_64+0x1d5/0x640
[  973.526304]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  973.531488] RIP: 0033:0x45f2da
[  973.534660] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  973.542369] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  973.549650] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  973.556917] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  973.564227] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  973.571504] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003d
[  973.589409] Bluetooth: Unknown HCI packet type 5e
[  973.594915] Bluetooth: Unknown HCI packet type 43
[  973.601037] Bluetooth: Unknown HCI packet type 50
[  973.608493] Bluetooth: Unknown HCI packet type 50
[  973.614154] Bluetooth: Unknown HCI packet type 5e
[  973.621398] Bluetooth: Unknown HCI packet type 5e
[  973.630033] Bluetooth: Unknown HCI packet type 5e
[  973.635481] Bluetooth: Unknown HCI packet type 50
[  973.642837] Bluetooth: Unknown HCI packet type 40
[  973.650891] Bluetooth: Unknown HCI packet type 5e
[  973.656405] Bluetooth: Unknown HCI packet type 40
[  973.663143] Bluetooth: Unknown HCI packet type 40
03:50:34 executing program 4 (fault-call:3 fault-nth:62):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:50:34 executing program 0:
perf_event_open(&(0x7f0000000a00)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
preadv(r0, &(0x7f0000000480), 0x100000000000022c, 0x6c00000000000000)

03:50:34 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x101102, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$netlink(r2, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x1008}, 0xff62)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r3 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x4, 0xa0002)
write$UHID_INPUT(r3, &(0x7f0000000240)={0x8, {"1e841f3d28a4b872b96a4d52beaeec50ec930b1ef6dfb471b59d652238a2c6e973b73d51cb7143980378b4c2554edd91ea77792a890ef4c069d1a3cd1229b330d341de3bdf33459d372a4e53af6eb9adcd2ec8dff1d8122f93044d82bd74927ed856be37516e3c49864d02b7784b63f517035443f13afb9a2661d0eff6da413b11354f189d7abab99be774c5bbb0b01850bc5df3122e2b7a6f4afedb5ba7c24d58ccf10d284e57d4b51c92be88fdabcad4ec11a0a5342c90ac15e6dfc2864d50fe9372c7161b974e8d1b2882864c138b5778fcfa020dfa7d9da20fabd25b913bf20f16a85ba7ed532021294fa47d0214fefc49d87e4e4b8057ece8e639db026314b047677d2deeb8f5eeab3ed2e4d044c5995358ade42873dff1c0bcc8c33c92e0f6bb96473539a3412042ba333ce6c8f26d5336ecca8064c91b981c21f625d5424b19960c9e131dc2182dd2e344f186176f7e81a3a8d2ba2a7aa6c47a933667d6948b6e01b240c0ae18508c3fb830572d14864f506845bcc86c60b98a68cf688da2057fa377a7cf42603ffb8de87c54d1047e313f19b09f7b72d59e3d4ef41781ec192e4a46f6359f32daa078a60fd8a0344644e97a36d9c63c020468662c7eef3fa4f65718e59d9623d514494ba58c1d0db3dd5db5ea20631984695401ae031a13272e4f9dedd41ae9dfef99d50ed4b8320bb426b3fc244d586cca52ee8167e23c5afbda77997e2c1bf2317794523a4b11277c0f361269108e2172f3106e282d4a9d46e0829178a1d815f0c7a915ea6994398071ed1d274f3bdf157ab6c95b2484e71d848032bd531ff1f8a5cdbb17cb36fe5c4830921b55f8a2716e826b100a37aca6255b1a8b2577cc647367e322fbe2b2824db524f55e143b892e06a2a30f6a6651c0940149347c2eb50768fab9e007cd8f8e983710a0e52d512540184f95b0405e6585b7e8c9cac5840df7fcc24549cc0a075c768939edb498150b24e82f5e6c97b325c3bc26c8f47b4fcc5c43814483953052b20bfe6713cbee8a86b6c26c255058186f8508d8de3f1a0419fec07806395d7b175c1e18c53b975c2267a1a93f33027e88b140e017f4c8fdb95554f4ddff2f0608459312fbb4b7c4e550cdbdd93d98a684a0853910a8bf079bc6a029449f54da002e1ab184e84b59e408f97f3d95285e413e48788a83927dcac8586d5d656ccf0189aa3b062ad4a831d0c8129e7b8937e8870a013775553ec731a95e8f5a8a4ecffa7de5339527aff9c419b778fab787596615a1ce6ec515ce951163a1531b41f8cb64cd9950ac2d3d3c05f99dda2da2b5f929ceb7119617c730bf1331e307373fe162708f4018435fd256d1b8cdbd471d24a18979f451456352fcb5aebdfff8e18c2887817fe31f35eae687c3260cd822f46b3d62a0b36adf58bb419e656a08b8ebf7dd761c8e0e1c9aebdaa7518054b0b68ff8b93ee2a635c39ce7ee29ae39584eee43e47f5af47ca894f9ea341814a39e69692644ff5d51025e809b37f382c7e8b909a265a96e0bb6d9c758943c41ae1a18faa01dbd5a2d9c3a0434644824828f96b543dd7214e5ad04b26837dd064e2da59c6d7dbf27e27ce1ef8eadb19ca1f8162b732a86c466f47b47a56fdc1cc770d393d6fb3e3d9963595238eae7d5afa9a1f4b649258e71f319f88125d44eff4beb55c53e1d684508730356e60ac0bd0af2cb3f25930127d1676bb9573f22c365582fd402a7fc655ab509540683e13d7c38dd13a7faf3e873bd63076f5101411609573d89e7ded816f1b41652bf44e9c3da998f88e1ccba7408fc9f03ea21f082b5bd6284148ad162e4b7e5aeaef6dde9a34491cf49078e6422097ea14e72f57f17e3be344cb638feec178f1b86cb20a2057d3415ce8613146f84d0f34f6308cfc09849bc69c36ccb2ee001b60f549ecd33dd363779e0c2cf46793837e3d0d6c36faea90cdb2b693aa1e1b2983de54ce240a0512442a477b03abb2c2654363d263227d33332218a071ec0e7f94add4be122577b2254234592e297e760482913f7212c7849c7f057c960775dedf5d5d7aa86f18099e74f380d1a117fe01df348c70b294194645b33d130f7c644a50f1c414a8cc4fcb1a1c07e122e040b8ddd48531d064bd8bdc888f9d65eb623b14acca6e3a2a7eab6241bde108f8e44f4743d129191aa269fa8fc798839dfa63b2a0353f244fe7ac7735d28349d84a2f5cb1a7f731c38e214ad598b1ad0c67e9a30fe1d069962a25381a01e86b03e9bf3a8bf8ce0681ee77faddecf550de93bfc084e00ac37b5d7cb865e58a6d531810abf0b2ec6ed1c18ddafa35eb634a2e6703b1fc506542e040157d4fe338b15cbade184b64b67e4518293a6d630d5f220a91b1ef62fd48c7da13dd863cf7754243bf9f864dcc275387c82bf7f9717fb2f85cbb8aaac650aeb5eac9d5c7cc8ae3bf343037c47f36f3fc0cacc1afca8bf317dbfec5ef37f54c859ca4faf18d567a3616c7ff0d4218703394b041ad14a18ebe13c86ea47d45071672ebba2f257848a71b095b7fca9e1c552fb2d8ee266759805b27f2fded0b63e27c77a64e542911fc8ff8f5c82c747a5772dce123288a307843347535c86c432d5fd2016ee213f1880dc47087544224a802c9892d29c03fee0dc6b992570f1ffb33a22e7cbf411d45ced8a03bd0ebbc9629de8420f8b84df78e8a8ae7257bc661f6c14c66835d6f15865ba36a9c4897abb3956c116c2a69c96cd838a337f7cb3d796a7165a01c94283b1eadf8f7991f6400e090644d02e6478d9c62b4213faef193f5106f9cf4ede005c8e27585672e516c8e63f3e2f60ec204025431d9818b1e4387a07d529cf1367bae51e86c7b286eae3d26e6fffcfb180ac4ea1475043db267fdee7b1b8aa6115f434a717c01d1761bff81c1a50457a60495b1ca87d43c9158b0947a06147938c4d7a8b591f641a995b98aa5cab86362ee540dae847c3f94738ace040369430e4cc86655aa85f82fb5ef6f675a545f0624c822aaa1d2fd96f9b0ba82161e1f7731deefc2bd09690a8b0b3aa21ab9b4cff60407c48bb89833dbfc51cdf932d7aab92671bcbaa39d11379f72e962eb470225783c1d00c67ddfc5c58dc71555e9a44555964f35167fb61b665fd23443cc54ad1b1971645505c7c9e66b0dc7552392383088c195e2cd89ebd9e083b9cb5bf1a2022947c865b733cebc61acb54fa0dcda5f671aa01ea9b458b0eabdcc749782e86b114f2134453c4c247a1e6c4230aaa78102b64bd89c05ee6fe75feace8302ccd9fe10d21ab7bc4ff1b74e4c88b39be63c5a21018bc0393e1a506f05f93c45278ac6d0bade7bee5e90ab180c34ee8a3aed515fb704afd444b527d2a5822756d6ab6ce39aa1ac6b0b701e84efa2fb6a1f8047ed48ce382d59c2aed0f97fae6a9f24dcccce10fbe58221599edb2cb644b8ebcc343906100b10bd2f7a5839bb1adf3e5c4a290dc0fce3390e550d646344d695ff906f256e70994ee2a7974533e76b0ef7fd4e4501b35839e31f1341899b2d4d56fa5d20eb3fa65e1753b6055ca21cc327ae3d5c44c44b283063e118d0e25d456cb59050116ad92acdddc72f090db513029f027b5c131eca169aca509cd2a1966408d83098562cec98b7214289ce470a4523f5faca2ffafecf7444d8be88cbaf5f7388006c243ab3f5aa345b5ac79e3a7e33b29c9a13c0ee87a2fc072fa7e37963235be34d1a2b85879b14f74cf95f2501d653f4c717d22330335d5b9376aa212cd8e56c17b85a8d31b3993748ffffc14adfb1755f80ddee4ca4f562a8634237ea6ec31fca919f1cc714474e9f9498c69a40a0789a8385deb122e39b4807e3358406d0112d86ec52a058a95c7a881cf94091635ccc583153c0f8c5a6cc65c65ac1a506a75f8cce92ebfdc8d8118f9f2511e2b2f564b72bf81c10968db005d89e8fe241da6d7c53be11a34f282af65a99627d7c1e2fd72056f1e323b0c35e635b6237a5822167896e9c5ade96b539edbb07d86dee08624c87ea601c54e4c20ecfdbdb16b374b5f9eb82793fa0da508ae4f717e93f343ad0ac50aae9d5383516f5452e525c40e2c4bb9c5427938a181304c89467a12f894e95a3f3ed5591f48a61db5daeeffaa577b9831b01e05e605098320ef3ad2867ba11db8e4c4cc32f3c59f25c5b81ae9dab3e4d529e21a7cfee0918954d4efe29323a24d35935c8da81fa265155505cdf48bdb166b50ae21eb350191ea87c8c38f6fad78ffba4b69a1854e6896f9b7a262ad034ba6864116b9aa3279fc6028cd1be1821c72a7f2cca6b5b694ae8c30075744b72744a51a88f3434e8a8f012c740b552131f17b27cf19c4a29c192da8ec926030e892867983e5d5b48a08cb74589a16c7dbf9c6821d28744a564f9491dbeb053db907578f70185366e09275b77bfde2a4f6382108327a5f79a9767fa9a0d65ae8a17c9e2e2ed5819845799ae7f5fbceb4666b4b4662bae771da0d4fff74c65d75cd5466713e90ecf95d148791ff5a4373dc7f3c0692a0fa01bba0f5fd1631bafbc1fe997045169aa8da4e8e5a57f7c32d14959bdd99b49513c64888a6919aec9d549ca963f17ff83c07a461c682f0278f10ec258819c3fe0390e7ac024e6c638ae70c744a4b66b5324a7fecf2c580467753a2d10c753a37511fabf90942bfe853c7905ba13b59105ac09c373569654357e560f82699bc4b83bb8ba1da9a39355bacc7b924a99fadceb9d1e6f32c01cf70bc42ff4dd6e992f005f57dc44042c9d6a4697ade7c1079927585a6e0049a6dc64722e258edf900518bfd394c7db7dffdd9e9bbd16ddb1086516a597d1ba645781add89d414638ba5139e9cb15f8ce593624fd69fe53e6a64f7b9eed6233c45037792a2b2922a8da9aac84bd2f09d126b07d78de10f40f06c7f4e9438ab21f6c5a95f511cc2b56bed8dff139d87a2b088708ece3c5fc9011e59405a813a7bf42bdc29f6c9ab979dad17f6a40b1dfe88593f2ef10b8d22471ff2cbba327eef891b6eabd9a73d1005dbf7039ad5cc78651ca036bc4e0b56cbc1a5f39bdb9d666235885bece8495bfb756f15a1052af44059c2360f1a11cebedd6d425465690ae7ae5b661322c52eed1564b3898856d9051b1742841506801b0cec651e4bdf22c5e5484b5b478532c60e4102b5ae384952940aec3d6a4c30488be08d2aae58d3d911ee54118aea317eaca07e13450f7cd62d0aa1560db9e91815adde12f54b7654c18c29d2f3c85989c0b48c4bc9c1287afe0ace2212cbe5916e3c1f80c7d0d34208a428dfbf5b6fba99e3fff8350e05099842488d80f2444db16628e70998555716f4bcd431f7473adb2ba940ce4898f1c27f429b345a9790fac19e87a365617165d97c3583ab882302bfe8c9d06338eb4b19081c1ebdd8b9e02a865df1cc8fa57ab13c145502a06992092e992d768904b6d132bede684197031ad1db24f552835145e7be28de10d24fc51a45a2d1cc94cebbcfb05e897b61389550a54e099d5158bde94ff94f3ed13ab8e66f600ac7758c75a3ed97a0968d86aa78381e137ba038f40312d62698b303178267c5e78e2e85d8a779ba2997ff377e87723f46dfed93700aee2cf64cda1d0a2aa25237144cf82a07074e0441ecfe465b6c4f642fefc121ec270f0ccb371d6c756cfd7fafd01bf25ff94d9b6cf60b033c7c14db537d2375cc1da1e47dea614f02d946957ee9b966ca5bba6f61ac3294197f630a8d9b695421f52e5fe8413bc30d71784177cc783c665d45c49bf5a351542074f25afe95aa", 0x1000}}, 0x1006)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[  973.896430] FAULT_INJECTION: forcing a failure.
[  973.896430] name failslab, interval 1, probability 0, space 0, times 0
[  973.944365] Bluetooth: Unknown HCI packet type 5e
[  973.944453] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  973.949492] Bluetooth: Unknown HCI packet type 43
[  973.985757] CPU: 0 PID: 15608 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  973.993706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.003072] Call Trace:
[  974.005676]  dump_stack+0x13e/0x194
[  974.009323]  should_fail.cold+0x10a/0x14b
[  974.013493]  should_failslab+0xd6/0x130
[  974.017484]  kmem_cache_alloc_trace+0x2db/0x7b0
[  974.019485] Bluetooth: Unknown HCI packet type 5e
[  974.022161]  ? set_precision+0x150/0x150
[  974.022176]  ? reacquire_held_locks+0xb5/0x3f0
[  974.022187]  ? vfat_rename.cold+0x61/0x61
[  974.022197]  fat_fill_super+0xb2/0x3010
[  974.022211]  ? pointer+0xa00/0xa00
[  974.022220]  ? fat_flush_inodes+0x170/0x170
[  974.022228]  ? lock_downgrade+0x6e0/0x6e0
[  974.022238]  ? snprintf+0xa5/0xd0
[  974.022248]  ? vsprintf+0x30/0x30
[  974.022259]  ? ns_test_super+0x50/0x50
[  974.022270]  ? set_blocksize+0x24b/0x2e0
[  974.022287]  mount_bdev+0x2bc/0x370
[  974.056883] Bluetooth: Unknown HCI packet type 50
[  974.059327]  ? msdos_mount+0x40/0x40
[  974.059343]  mount_fs+0x92/0x2a0
[  974.059360]  vfs_kern_mount.part.0+0x5b/0x3c0
[  974.059372]  do_mount+0x3c9/0x24f0
[  974.094321]  ? copy_mount_string+0x40/0x40
[  974.098655]  ? copy_mount_options+0x17d/0x2e0
[  974.100102] Bluetooth: Unknown HCI packet type 5e
[  974.103148]  ? copy_mount_options+0x18f/0x2e0
[  974.103160]  ? copy_mount_options+0x1ec/0x2e0
[  974.103169]  ? copy_mnt_ns+0x8a0/0x8a0
[  974.103180]  SyS_mount+0xa8/0x120
[  974.103189]  ? copy_mnt_ns+0x8a0/0x8a0
[  974.103201]  do_syscall_64+0x1d5/0x640
[  974.103217]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  974.103225] RIP: 0033:0x45f2da
[  974.103230] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  974.103241] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  974.103247] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  974.103253] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  974.103259] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  974.103264] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003e
03:50:34 executing program 4 (fault-call:3 fault-nth:63):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:50:34 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
setsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, 0x0, 0x0)

[  974.297873] Bluetooth: Unknown HCI packet type 40
[  974.338076] FAULT_INJECTION: forcing a failure.
[  974.338076] name failslab, interval 1, probability 0, space 0, times 0
[  974.364943] CPU: 1 PID: 15620 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  974.372885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  974.382272] Call Trace:
[  974.384879]  dump_stack+0x13e/0x194
[  974.388529]  should_fail.cold+0x10a/0x14b
[  974.392698]  should_failslab+0xd6/0x130
[  974.396690]  kmem_cache_alloc+0x2b5/0x770
[  974.400858]  ? recalc_bh_state+0x1f/0x170
[  974.405033]  ? check_preemption_disabled+0x35/0x240
[  974.410164]  alloc_buffer_head+0x20/0xd0
[  974.414247]  alloc_page_buffers+0xb3/0x1f0
[  974.418500]  __getblk_gfp+0x335/0x7c0
[  974.422416]  ? filemap_write_and_wait+0x86/0xa0
[  974.427098]  ? vfat_rename.cold+0x61/0x61
[  974.431260]  ? vfat_rename.cold+0x61/0x61
[  974.435426]  __bread_gfp+0x29/0x290
[  974.439163]  fat_fill_super+0x2ef/0x3010
[  974.443260]  ? pointer+0xa00/0xa00
[  974.446814]  ? fat_flush_inodes+0x170/0x170
[  974.451256]  ? lock_downgrade+0x6e0/0x6e0
[  974.455424]  ? snprintf+0xa5/0xd0
[  974.458893]  ? vsprintf+0x30/0x30
[  974.462363]  ? ns_test_super+0x50/0x50
[  974.466263]  ? set_blocksize+0x24b/0x2e0
[  974.470341]  mount_bdev+0x2bc/0x370
[  974.473981]  ? msdos_mount+0x40/0x40
[  974.477710]  mount_fs+0x92/0x2a0
[  974.481092]  vfs_kern_mount.part.0+0x5b/0x3c0
[  974.485609]  do_mount+0x3c9/0x24f0
[  974.489199]  ? rcu_read_lock_sched_held+0x10a/0x130
[  974.494231]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  974.499096]  ? copy_mount_string+0x40/0x40
[  974.503347]  ? __might_fault+0x177/0x1b0
[  974.507423]  ? _copy_from_user+0x94/0x100
[  974.511603]  ? copy_mnt_ns+0x8a0/0x8a0
[  974.515500]  ? copy_mount_options+0x1ec/0x2e0
[  974.520018]  ? copy_mnt_ns+0x8a0/0x8a0
[  974.523917]  SyS_mount+0xa8/0x120
[  974.527392]  ? copy_mnt_ns+0x8a0/0x8a0
[  974.531292]  do_syscall_64+0x1d5/0x640
03:50:35 executing program 0:
clone(0x3a3dd4008400af01, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = memfd_create(&(0x7f00000000c0)='systemem0md5sum$\x00', 0x0)
r3 = memfd_create(&(0x7f0000000640)='\x00\x00\x00\x7f\xc9\xe9\x0e\xff\x8b\xe8\xd0\xb8\x80\xc7\xf5\xe2Z\x03\x00\x00\x00z\x9b\xb0\xe8t%\xfc\vw\x82\xdb\xf1^\xe8\xf8\xc1-9Q\x00\x04\x00\x00\x8b[\xaa\x91\xef\x7f@\xd2z\xb3T\x9e\xefn7%E\x00(\x1e\xd1P\x0f\x9f\xca\xff\xcf\xc9c\x97\xb3\x81\xa04\x03\x1b\xf5\xce\xfa\xdc\xf6\xf2\'\x83\x82\"#K\x02eU\xae\xd4P\xc0iH\xf2g\xc9}\xf4I\xb0}\x9er#y\x0e\xcb\xa3\x80\xb5q\x1c\xef0\xbd\x87\xe8\x8e\x88\xe6^\xdc\f\x1e\xd0\x97\xce\xdc\x13\xce\x8a\xb3\b\xee\xd8I\xbck\xec\x80\xfa\xce\x86\x85\"\x1d\xa2\xc2\x1d\xf0\xc3\x9cm\xcf\x8a\x00\x00\x00\xe31\xe6\xc3\xa5\xb1\x1c\r8%\x06\xc3c\xe0\x7f\x88W\x18u\xdcbl\xe5(\x97c\x1a\xfd\xe0\xfa\xc0\x97\xc8\x95\x82u\x82e\xf3\xe7e\xf59\xf9S2\xd1\x98\x81\x8f\xbfwr\x97\xee\a\x8a \x1c%o\xed\x9e\x11\xd1', 0x0)
write$binfmt_elf64(r3, &(0x7f0000000f80)=ANY=[@ANYBLOB="7f454c46020000000000000000c4b40003003e000039880800001fd83d0000000000000000000000dfeb7bba00281293bd5d74dafc20380003000000c763bf0c0079be7a2ce3c134108fe74950f9b93a5ea0cee7257825501bb77bf723be80699ab51e67f4fee76bb7fad4231d844bc3c08f7352c53960ede02054e2418d890a676ec576e6002c7cd466eb935812a2d3e432b953a500000000000086314219123c233beca400dd9f82c124c794f7091e2b1023e629b0ad0ff74ed7d8102e0cbe3166973841c157945f577ea3aeba088227b92e995e0304000000ceb6039d7a01ae3ebc9a14e11dd91ce716d1d19e059363cab6ea2e099cd3740210f66f32e73b897cca2b155005e91bfac3be5fcda449b6e8148a4cc76efbeb16e3e4fd678792d290e73cb5ac591910db44cc7ae4e3ef56f8e7b0bbfd7cdff112f906d369c82e03adc1b159b8f5b6670f2f1f1669c902e24d6169d941fbee0d1c74de251424cf0baac37166fc1ebbbe1845f3c64b249ddeff68200000007926172a71b7352cded84d4a4a5ed360834d5c802613a8984fdc57d958246ea0e632cf331954ae5fdc614766b334c5d18fa05bf41d6001550f00b285dd001aa6c334380000000000003cef53baf50f21397786474a5cbf031f5082a2f80eef99cc22873091415b93a182659554f6bfae312e1be51285e0bbefb5563b3d00c723b4812692f69e8faec289ae7b271e2e4b15b0f6ab9b1904b67862e13801c770206378e468511a84421b8ea4d797a0d22f6043c013ef87d1a8a8c5ec008100000000f6d56531c9afa8a87891761d5db8f71ccbe2c049324a0ea72ced1e633b6d09222914499586226969692ecf637fdaae710f44d6420d9ca76e6785f17e33123f00f4770f4c0388216ea877878eef19b9c4279682da12ccf9c71ba39b7a98f7c75929e892b126c6fcb7b10250cc3c100dec8f8a69e65d38ab13360e800af529dc2a0ff44d92bac515bb4a38b5afb9e99c1989acc2d1c3367240f50fc50b460b6c24b42934a9ca929d355989f6a6eee666d55c987e40baa4f3b8b8c42237e2a948a024e20bad0ca74b1042c0348fabbd642893fafa7d39aeb3cca9623bafb4b48bcdb8bc6c5a5d2bcd6303623194e0ac2e3b825d7fea9d12d77e3023d03fa4d78cb8b2dae12aebaf54f4b9c5f43c3fea13a66131ac7c500fc430c6b3efbbbb9731f253332195302c65b90e9d74127ba08215648e29f83198df103296e93abfcaf752a9f532036135e5cff562c1f061ebee1d0fb70d541a74d0d721c58b0e1e27d0bbbb386d76108ac4da3d31ef529f5fea6304f2aa7d315740984d596fcfee951843416b69f3d1e90ae6cae942a6f0c3d5e97fa9a26934858d3ec28195311fc6b2f79658fde133e7f45e53c347980f6ed762a963829e2988312d545eba2386034b63dd0db38ed9c2b3304a279e28fe556e44b92d64087778d75ffae7f0d664b29aafa57dc26efcba6d6d2726da8b8d85c7548cc3d412e18996ef61949bab80baf550769c6533e1db138e2e48414abe54838a66ae2877d832e6d8c85205fb65b841585c220bea87c4391b3514fd2edf58d09ca171e72c043aea4cd9206552b839c8082978eb86fc79fceac4206c0a9425e4bd9b84c4511d60df5fe284e44deab74b44c11e2b4d1460c8d9738fef60e11c14bf00b1c095906a0c09317eddb13839024cbc0000000000000000000000000000000000000000000000000000cf59d1415956152068fd4ab30d16a3a2e75484b57bc668979b0ffcba3142bc4f8633581354618321b529030ade38677cf12bccee5c1949033dfb2a476f77fff06af5ba75448005a7f9e1ac54dbaf378b702ce747f7535c1b8e3169fa480093fe6b3a0893616ce2b5f6c317ba1c9b154e8692bf7d72de1a358649feb580d8e2085e848fd68f9b1872e77fa6c20cbb2c210299aa37e3a9b172ae6206bb5746938a5705b969eedde0bd95c3fae91b9b1529ae2ecd252e803fd0e004de6f547f99c6692b52bae49ac5742231fa1945fa408ec4dd51cbf102816a39755ff65a93954b001ccd6b31171cbe42102ffb9233f55be369df66591b41e76fdaa9e39deb15782cbb8ec2d080fb097f9bcc18f90df6f13c81902ef1abee8310e51667fe7524d76fac1a8fdcdac6ffa1f2d673f90258f7fe4fe6be3dec8f1d0039d525dcadf4ccbdc2bc9fc28911d398eca91f6a64f5f93adfb9d3324638bc40a4808b8fd0c2dedcb733611b446aaa0988cf4bef4d416376a845f67e0cfaa4e79011689d4e49f9ba0e5bbe46f0e431f8228fcbc38e6e5510e9ac59"], 0x3c)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r4 = dup(r3)
write$P9_RGETATTR(r4, &(0x7f0000000400)={0xa0, 0x19, 0x0, {0x0, {}, 0xc}}, 0xa0)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x5, 0x11, r2, 0x0)
rt_sigaction(0x7, &(0x7f0000b4a000)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000000))
prctl$PR_SET_DUMPABLE(0x4, 0x0)
syz_open_procfs(0x0, &(0x7f00000008c0)='sessionid\x00')

[  974.535200]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  974.540396] RIP: 0033:0x45f2da
[  974.543586] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  974.551300] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  974.558578] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  974.565862] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  974.573167] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  974.580447] R13: 0000000000000be4 R14: 00000000004ce08f R15: 000000000000003f
[  974.600359] FAT-fs (loop4): bogus number of reserved sectors
[  974.606279] FAT-fs (loop4): Can't find a valid FAT filesystem
[  975.331563] Bluetooth: hci2 command 0x1003 tx timeout
[  975.336915] Bluetooth: hci2 sending frame failed (-49)
[  975.342568] Bluetooth: hci1 command 0x1003 tx timeout
[  975.353627] Bluetooth: hci1 sending frame failed (-49)
[  975.359154] Bluetooth: hci0 command 0x1003 tx timeout
[  975.369948] Bluetooth: hci0 sending frame failed (-49)
[  975.971441] Bluetooth: hci3 command 0x1003 tx timeout
[  975.976966] Bluetooth: hci3 sending frame failed (-49)
[  977.411451] Bluetooth: hci0 command 0x1001 tx timeout
[  977.416913] Bluetooth: hci0 sending frame failed (-49)
[  977.422967] Bluetooth: hci1 command 0x1001 tx timeout
[  977.428207] Bluetooth: hci2 command 0x1001 tx timeout
[  977.428274] Bluetooth: hci1 sending frame failed (-49)
[  977.435168] Bluetooth: hci2 sending frame failed (-49)
[  978.051307] Bluetooth: hci3 command 0x1001 tx timeout
[  978.056656] Bluetooth: hci3 sending frame failed (-49)
[  979.491267] Bluetooth: hci2 command 0x1009 tx timeout
[  979.491297] Bluetooth: hci1 command 0x1009 tx timeout
[  979.496533] Bluetooth: hci0 command 0x1009 tx timeout
[  980.131145] Bluetooth: hci3 command 0x1009 tx timeout
03:50:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:50:43 executing program 0:

03:50:43 executing program 4 (fault-call:3 fault-nth:64):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:50:43 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), 0x0, &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:50:44 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000ffd000/0x1000)=nil)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0}}, 0x24008880)
ioctl$SIOCRSGCAUSE(r1, 0x89e0, &(0x7f0000000280))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[  983.485021] Bluetooth: Unknown HCI packet type 5e
[  983.490063] Bluetooth: Unknown HCI packet type 43
[  983.496118] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  983.498366] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  983.508547] Bluetooth: Unknown HCI packet type 5e
[  983.513540] Bluetooth: Unknown HCI packet type 43
[  983.515689] Bluetooth: Unknown HCI packet type 5e
03:50:44 executing program 0:

[  983.537385] Bluetooth: Unknown HCI packet type 5e
[  983.548365] FAULT_INJECTION: forcing a failure.
[  983.548365] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  983.556481] Bluetooth: Unknown HCI packet type 50
[  983.560221] CPU: 1 PID: 15662 Comm: syz-executor.4 Not tainted 4.14.175-syzkaller #0
[  983.560228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  983.560237] Call Trace:
[  983.560257]  dump_stack+0x13e/0x194
[  983.560276]  should_fail.cold+0x10a/0x14b
[  983.592702]  __alloc_pages_nodemask+0x1bf/0x700
[  983.597389]  ? save_trace+0x290/0x290
[  983.598592] Bluetooth: Unknown HCI packet type 5e
[  983.601193]  ? __alloc_pages_slowpath+0x26c0/0x26c0
[  983.601220]  cache_grow_begin+0x7b/0x410
[  983.601237]  kmem_cache_alloc_trace+0x6cf/0x7b0
[  983.601251]  ? reacquire_held_locks+0xb5/0x3f0
[  983.601260]  ? vfat_rename.cold+0x61/0x61
[  983.601269]  fat_fill_super+0xb2/0x3010
[  983.601289]  ? pointer+0xa00/0xa00
[  983.601298]  ? fat_flush_inodes+0x170/0x170
[  983.601306]  ? lock_downgrade+0x6e0/0x6e0
[  983.601317]  ? snprintf+0xa5/0xd0
[  983.619581] Bluetooth: Unknown HCI packet type 40
[  983.619884]  ? vsprintf+0x30/0x30
[  983.619897]  ? ns_test_super+0x50/0x50
[  983.619909]  ? set_blocksize+0x24b/0x2e0
[  983.664213]  mount_bdev+0x2bc/0x370
[  983.667830]  ? msdos_mount+0x40/0x40
[  983.671544]  mount_fs+0x92/0x2a0
[  983.674913]  vfs_kern_mount.part.0+0x5b/0x3c0
[  983.679403]  do_mount+0x3c9/0x24f0
[  983.682932]  ? rcu_read_lock_sched_held+0x10a/0x130
[  983.687940]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[  983.692776]  ? copy_mount_string+0x40/0x40
[  983.696999]  ? __might_fault+0x177/0x1b0
[  983.701051]  ? _copy_from_user+0x94/0x100
[  983.705197]  ? copy_mnt_ns+0x8a0/0x8a0
[  983.709083]  ? copy_mount_options+0x1ec/0x2e0
[  983.713561]  ? copy_mnt_ns+0x8a0/0x8a0
[  983.717434]  SyS_mount+0xa8/0x120
[  983.720871]  ? copy_mnt_ns+0x8a0/0x8a0
[  983.724780]  do_syscall_64+0x1d5/0x640
[  983.728663]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  983.733837] RIP: 0033:0x45f2da
03:50:44 executing program 0:

[  983.737012] RSP: 002b:00007f464a8fba68 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[  983.744717] RAX: ffffffffffffffda RBX: 00007f464a8fc6d4 RCX: 000000000045f2da
[  983.751971] RDX: 00007f464a8fbae0 RSI: 0000000020000340 RDI: 00007f464a8fbb00
[  983.759261] RBP: 000000000076bf00 R08: 00007f464a8fbb40 R09: 00007f464a8fbae0
[  983.766628] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000006
[  983.773906] R13: 0000000000000be4 R14: 00000000004ce08f R15: 0000000000000040
03:50:44 executing program 0:

[  983.793664] hfs: gid requires an argument
[  983.798036] hfs: unable to parse mount options
[  983.807361] Bluetooth: Unknown HCI packet type 50
[  983.822279] Bluetooth: Unknown HCI packet type 5e
[  983.833083] Bluetooth: Unknown HCI packet type 40
03:50:44 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f00000000c0)={0x3, 0x31324d4e, 0x1, @stepwise={0x4, 0x3, 0x0, 0x9, 0x8, 0xfff}})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:50:44 executing program 0:

03:50:44 executing program 0:

03:50:44 executing program 0:
r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
r1 = syz_open_dev$binderN(0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x1, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0})
r2 = dup2(r1, r0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000280)={0x4, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x44, 0x0, &(0x7f0000000a40)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000400)={@fda, @fda, @flat=@handle}, &(0x7f0000000080)={0x0, 0x20, 0x40}}}], 0x0, 0x0, 0x0})

[  984.143571] Bluetooth: Unknown HCI packet type 5e
[  984.148580] Bluetooth: Unknown HCI packet type 43
[  984.154215] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  984.176856] Bluetooth: Unknown HCI packet type 5e
[  984.199190] Bluetooth: Unknown HCI packet type 50
[  984.210020] audit: type=1400 audit(1586317844.723:99): avc:  denied  { set_context_mgr } for  pid=15693 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=binder permissive=1
[  984.244535] audit: type=1400 audit(1586317844.733:100): avc:  denied  { call } for  pid=15693 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=binder permissive=1
[  984.245351] Bluetooth: Unknown HCI packet type 5e
[  984.269225] FAT-fs (loop4): bogus number of reserved sectors
[  984.269902] Bluetooth: Unknown HCI packet type 40
[  984.300553] FAT-fs (loop4): Can't find a valid FAT filesystem
[  984.514629] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  984.523187] Bluetooth: Unknown HCI packet type 5e
[  984.528081] Bluetooth: Unknown HCI packet type 43
[  984.539376] Bluetooth: Unknown HCI packet type 5e
[  984.545485] Bluetooth: Unknown HCI packet type 50
[  984.551515] Bluetooth: Unknown HCI packet type 5e
[  984.556570] Bluetooth: Unknown HCI packet type 40
[  985.490345] Bluetooth: hci1 command 0x1003 tx timeout
[  985.495697] Bluetooth: hci1 sending frame failed (-49)
[  985.580360] Bluetooth: hci0 command 0x1003 tx timeout
[  985.585719] Bluetooth: hci0 sending frame failed (-49)
[  986.210509] Bluetooth: hci2 command 0x1003 tx timeout
[  986.215857] Bluetooth: hci2 sending frame failed (-49)
[  986.540193] Bluetooth: hci3 command 0x1003 tx timeout
[  986.545594] Bluetooth: hci3 sending frame failed (-49)
[  987.570135] Bluetooth: hci1 command 0x1001 tx timeout
[  987.575451] Bluetooth: hci1 sending frame failed (-49)
[  987.660184] Bluetooth: hci0 command 0x1001 tx timeout
[  987.665570] Bluetooth: hci0 sending frame failed (-49)
[  988.290035] Bluetooth: hci2 command 0x1001 tx timeout
[  988.295478] Bluetooth: hci2 sending frame failed (-49)
[  988.610014] Bluetooth: hci3 command 0x1001 tx timeout
[  988.615399] Bluetooth: hci3 sending frame failed (-49)
[  989.649906] Bluetooth: hci1 command 0x1009 tx timeout
[  989.729914] Bluetooth: hci0 command 0x1009 tx timeout
[  990.369908] Bluetooth: hci2 command 0x1009 tx timeout
[  990.689744] Bluetooth: hci3 command 0x1009 tx timeout
03:50:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:50:54 executing program 0:
syz_emit_ethernet(0x52, &(0x7f0000000180)={@local, @dev, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "831a46", 0x18, 0x11, 0x0, @local, @local, {[], {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x0)

03:50:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:50:54 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[  993.741224] FAT-fs (loop4): bogus number of reserved sectors
[  993.748924] Bluetooth: Unknown HCI packet type 5e
[  993.754835] FAT-fs (loop4): Can't find a valid FAT filesystem
[  993.754880] Bluetooth: Unknown HCI packet type 43
[  993.769447] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  993.788108] hfs: gid requires an argument
[  993.795009] FAT-fs (loop4): bogus number of reserved sectors
[  993.801523] hfs: unable to parse mount options
[  993.804367] Bluetooth: Unknown HCI packet type 5e
[  993.806319] FAT-fs (loop4): Can't find a valid FAT filesystem
[  993.825831] Bluetooth: Unknown HCI packet type 50
[  993.835099] Bluetooth: Unknown HCI packet type 5e
[  993.853756] Bluetooth: Unknown HCI packet type 40
03:50:55 executing program 3:
r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f0000000240)=""/214)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x4)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x4033)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:50:55 executing program 0:
mprotect(&(0x7f0000005000/0x3000)=nil, 0x3000, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000000c0)={'erspan0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='K\x00\x00\x00@\x00'/16]})
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
perf_event_open(&(0x7f0000000140)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffb97}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendto$inet(r0, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0xfe6a, 0x11, 0x0, 0x27)

03:50:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
sigaltstack(&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000000))

03:50:55 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:50:55 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x1)
ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f00000000c0))
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$IOC_PR_REGISTER(r3, 0x401870c8, &(0x7f0000000100)={0xffff, 0xfffffffffffeffff, 0x1})
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0xc)
finit_module(r4, &(0x7f0000000240)='/Sttmx\x00\x00\x00\x00\xbb\xbe\x92\x90c\x00c]\x8e\xf9l\x96\xcc\xca\xd0\x1e2\xca\x113\xf0\xb6\x06E\xc0\xf2^\xd5\xa6\x82\xeejQ}-/\xcdG\x89\x9d\xf0\xe8\x7fl\xe6;\x98\xca\xb9+\x05\x1d\n\xdd\xe6F\x1e\xb6\xdc1\x94\xa8\fJ\xcc;\xdd\xe8\x8d\xa6\xed%\nt\xe1\xb7i\x8cr+/\x80\x9a\xeb\x8f\xeaNx\xee2\rr\xde\xe4\xa8\xac\xbe\xe8\t\xd3\xcd\x05\xb4\x03\v(:31\x87\a\xc5\xae\x14\xf2\x15\x8b\xdc\xe3\xe0\xe9tI\x82`-\xc9\x8a\x13\x00\b\x00\x00\x00\x00\x00\x00\xe9\xe1\xb5\xef\xf9\xdaz\xdd\x91d \a\x00\x00\x00\x85\xe4\xee\x94\a!R6\ac\x9a\x1a\x96AIi\xdb3\xae\x84\xbcWc\xff+\xbe\x91\xfe\x99i\xeb51\x96\xe7\x1f-e\xdb\xe1', 0x1)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)
write(r5, &(0x7f0000000340), 0x41395527)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)

[  994.971595] FAT-fs (loop4): bogus number of reserved sectors
[  994.977794] audit: type=1804 audit(1586317855.485:101): pid=15757 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/111/bus" dev="sda1" ino=16007 res=1
[  995.008783] Bluetooth: Unknown HCI packet type 5e
[  995.010656] FAT-fs (loop4): Can't find a valid FAT filesystem
[  995.016624] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  995.025990] Bluetooth: Unknown HCI packet type 43
[  995.049477] Bluetooth: Unknown HCI packet type 5e
[  995.069831] audit: type=1804 audit(1586317855.555:102): pid=15765 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/184/bus" dev="sda1" ino=16018 res=1
[  995.074457] Bluetooth: Unknown HCI packet type 50
03:50:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$sg(&(0x7f0000000200)='/dev/sg#\x00', 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fcntl$dupfd(r3, 0x0, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)={0x0, 0x0, 0x1b})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
fsync(r6)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  995.119689] hfs: gid requires an argument
[  995.135528] hfs: unable to parse mount options
[  995.151329] Bluetooth: Unknown HCI packet type 5e
[  995.168938] Bluetooth: Unknown HCI packet type 43
[  995.182808] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  995.195614] Bluetooth: Unknown HCI packet type 5e
03:50:55 executing program 0:
r0 = socket$inet(0x2, 0x2000080001, 0x84)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x1ff}, 0x8)
sendmsg(r0, &(0x7f000001afc8)={&(0x7f0000006000)=@in={0x2, 0x4e20, @loopback}, 0x80, &(0x7f0000007f80)=[{&(0x7f00000001c0)='*', 0x1a000}], 0x1}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl(r1, 0x1000008912, &(0x7f0000000080)="080db5055e0bcfe847a071")
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)})
recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000015c0)=""/4096, 0x19ff0}], 0x1}}], 0xffffff1f, 0x0, 0x0)

[  995.228663] Bluetooth: Unknown HCI packet type 50
03:50:55 executing program 4:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0x44}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xffffffffffffffb2, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[]}, 0x1, 0x0, 0x0, 0x48010}, 0x40051)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x78, 0x0, 0x10, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x8}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x7f}, @ETHTOOL_A_LINKMODES_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x78}}, 0x80)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = dup(r8)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[  995.268224] Bluetooth: Unknown HCI packet type 5e
[  995.279080] Bluetooth: Unknown HCI packet type 5e
[  995.292224] Bluetooth: Unknown HCI packet type 40
[  995.301142] Bluetooth: Unknown HCI packet type 40
[  995.381307] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  995.488847] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[  995.809145] Bluetooth: hci0 command 0x1003 tx timeout
[  995.814586] Bluetooth: hci0 sending frame failed (-49)
[  997.009005] Bluetooth: hci1 command 0x1003 tx timeout
[  997.015989] Bluetooth: hci1 sending frame failed (-49)
[  997.178887] Bluetooth: hci2 command 0x1003 tx timeout
[  997.184438] Bluetooth: hci2 sending frame failed (-49)
[  997.888750] Bluetooth: hci0 command 0x1001 tx timeout
[  997.894135] Bluetooth: hci0 sending frame failed (-49)
[  999.088680] Bluetooth: hci1 command 0x1001 tx timeout
[  999.094055] Bluetooth: hci1 sending frame failed (-49)
[  999.248681] Bluetooth: hci2 command 0x1001 tx timeout
[  999.254060] Bluetooth: hci2 sending frame failed (-49)
[  999.968762] Bluetooth: hci0 command 0x1009 tx timeout
[ 1001.168355] Bluetooth: hci1 command 0x1009 tx timeout
[ 1001.328500] Bluetooth: hci2 command 0x1009 tx timeout
03:51:04 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:04 executing program 0:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f00000003c0)={0x11a, 0x7d, 0x0, {{0x500, 0xfb, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{evbox%\x00'/31, 0x39, '^\xa6J\xdaWj\xa0\x80\xb2w\x04\'\xb0\xc0\xb6\xfa\xfc\xf8<\xea\x17\x95p\x02\x00\xde1\x0f\xb6\x02\xe3\xfb\xe6\x8eJj\xbc\x00\x00\x00\x00\xa2%0\xcaG\x8b\xcb\x90\xc9\xbc\xe9\xc9\xd6\xb1\x8f\xed', 0xb, 'cgro\x98ppppP\x97', 0x65, '\xf8\xf6i\xfbqm\xcf1^\xc2\xf3\x85@\x9a\xc6[\x94\b\x039\xc0\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf14\xa6f\xa8RH&\xb2\xb4\xa8\x8e\x01zwW\xb2\x06\xf8\xb0\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\r\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7'}, 0xa, '/d#\xbf\x9agb{#\x00'}}, 0x11a)

03:51:04 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet6_int(r2, 0x29, 0x3c, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESOCT=r3])

03:51:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg\x00', 0xa0000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x15)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1003.923837] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1003.936136] Bluetooth: Unknown HCI packet type 5e
[ 1003.936385] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1003.943702] Bluetooth: Unknown HCI packet type 43
[ 1003.978776] Bluetooth: Unknown HCI packet type 5e
[ 1003.986320] Bluetooth: Unknown HCI packet type 5e
[ 1003.994522] Bluetooth: Unknown HCI packet type 43
[ 1004.000119] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1004.021345] Bluetooth: Unknown HCI packet type 5e
[ 1004.022127] FAT-fs (loop4): Unrecognized mount option "00000000000000000000007" or missing value
[ 1004.031940] Bluetooth: Unknown HCI packet type 50
[ 1004.041954] Bluetooth: Unknown HCI packet type 50
[ 1004.050756] Bluetooth: Unknown HCI packet type 5e
[ 1004.058569] Bluetooth: Unknown HCI packet type 40
[ 1004.059752] Bluetooth: Unknown HCI packet type 5e
[ 1004.069267] Bluetooth: Unknown HCI packet type 40
[ 1004.105812] FAT-fs (loop4): Unrecognized mount option "00000000000000000000007" or missing value
03:51:05 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000140)=0x2)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:51:05 executing program 0:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8002, 0x0)
write$P9_RSTATu(r0, &(0x7f00000003c0)={0x11a, 0x7d, 0x0, {{0x500, 0xfb, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1f, '\x04nodev{evbox%\x00'/31, 0x39, '^\xa6J\xdaWj\xa0\x80\xb2w\x04\'\xb0\xc0\xb6\xfa\xfc\xf8<\xea\x17\x95p\x02\x00\xde1\x0f\xb6\x02\xe3\xfb\xe6\x8eJj\xbc\x00\x00\x00\x00\xa2%0\xcaG\x8b\xcb\x90\xc9\xbc\xe9\xc9\xd6\xb1\x8f\xed', 0xb, 'cgro\x98ppppP\x97', 0x65, '\xf8\xf6i\xfbqm\xcf1^\xc2\xf3\x85@\x9a\xc6[\x94\b\x039\xc0\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf14\xa6f\xa8RH&\xb2\xb4\xa8\x8e\x01zwW\xb2\x06\xf8\xb0\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\r\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7'}, 0xa, '/d#\xbf\x9agb{#\x00'}}, 0x11a)

03:51:05 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f0000000000)=0x9, 0x4)
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="6e6f646f74732cb2a8921dbe2c"])

03:51:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:51:05 executing program 0:
r0 = socket$inet6(0xa, 0x803, 0x2)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000440)={{{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x80000000000001}, {{@in6=@loopback, 0x0, 0x6c}, 0x0, @in=@empty, 0x100000}}, 0xe8)
sendmmsg(r0, &(0x7f0000008440)=[{{0x0, 0x536, 0x0}}], 0x400000000000107, 0x0)

[ 1005.271018] Bluetooth: Unknown HCI packet type 5e
[ 1005.271342] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1005.303299] FAT-fs (loop4): Unrecognized mount option "²¨’¾" or missing value
[ 1005.318393] Bluetooth: Unknown HCI packet type 43
[ 1005.326665] Bluetooth: Unknown HCI packet type 5e
[ 1005.328077] hfs: gid requires an argument
[ 1005.339556] Bluetooth: Unknown HCI packet type 50
[ 1005.351717] Bluetooth: Unknown HCI packet type 5e
[ 1005.353605] hfs: unable to parse mount options
[ 1005.373041] Bluetooth: Unknown HCI packet type 40
03:51:05 executing program 0:
open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
r0 = inotify_init1(0x0)
fcntl$getownex(r0, 0x10, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x7e, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8085}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x4002)
io_setup(0xb, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000000), 0x200a00}])
time(0x0)
syz_genetlink_get_family_id$tipc(0x0)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, r3, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}])

03:51:05 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
pipe(&(0x7f0000000200)={<r5=>0xffffffffffffffff})
vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setuid(r7)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000240)='./file0\x00', 0x931f, 0x1, &(0x7f0000000280)=[{&(0x7f0000000840)="63170c2d21d1f523ced0f6163f82ecf506b42c7bf77dc47d4c0b3ebdc42244123a0d8b1a48ea39ce9e12150f9b2f977ece1149574a29759f510afd1404804f0356657d3a54c915e0d6a595de39dcd28788ab19ecdef21a963996d81c5ca777642cf9569c6a045bc103fb4a6bbfc107c220f8cb50caccb0fd20ea52dd9d5589a1d833922d4750a8d7476d4fcbbc104744cc0ac7f2db4aa737975c44136933eb3f4ff688c58a4a90acf9c5ff2fbb771763c5dd5fc5c61f674714e2f6b8bd5fc4e45f54f9fd7777cd9506983aa58e12e0ec738e53b6e42afd8e2d330d0f9ef8c79b7d733e4ce6d437e5c9a5907d98991532a500d9129511ac582e3bb4cfad827f2716a69a2d82a07d12f482cb10b60b0a578cd7fe589934022d627ad887090cc7ab1a859819b4d52376ba998b7f5d47bd3112c60ef491f584ea049978a5be118df4aa9b6b26f4a1fb0d68cc5fd9734659b9d6c376d313b031b95b65c14576e2cae37350d2da152e5f73a86f7fcf61bc8cfbe5cb9b5ef916849c6f8a7ccebf03508caeffb7dc2dce26ca6516cc6eb2ef00b88fee1dbfcc68bb7a5dd9b8b6013eaf03e94d3eca8dff84a3188f5b1774bb6642794ffe7ff8a4c075769e38fce82e5b433dd8fce684bf42c48915723fb913d48aac993ea9ed9b9525fca948d1434a8eeb8af748ab25d7543a239b94b722db1674cc17a79eb0212039f896facccfbdded6483650f6a39dd83018550082360651c9736dc65baff00a7652922a6cb1156c82db34918d4736117cae99900599f37c885adeb5d1261a685203c864702d065ceba6fbb93cc3e1e78cf4a5194f5d21efce294c68a43ec26df94a124694b6306abcd0e3f198a408d3ff8a527b01c762d8d097a0cbc957d9acab7fe62c43f1a6cfc70871e6e44833e522ae849a17fe56811e9df7570106a26d77d4622ad1ef01f2561e0d287289e249911ff3b8f293d3c537ae033a1cbda896bd3af0acb8beeb1f933ccfec68845366c371c109f7beeff07c3c0928c6b335bc63aedbf20f9442b4adbd3ec786fa9573dc924b7404e18a8f5bf652ea23f6cd0fec9667affeea0e1b666a54dd32e940ce19fef8c6b544e620a4b4a8fc17160be5ec130e0ebde1fbebb11d6d6a3dd27c86110e8d37b97e9102e0102fea76b745c53fb0bca92efd618efafb992a9ca65dff32f89346fd09433902ec7f0d4f4e703a16c7a974c6d2dd480675c379ea44bbd4617c1523fd9fc187f694cf3b8acda635357962d9850e8e0ef2562fb9809e7b4f66450b668a8baed8e28d166577d9cd1de9bb272a59298b4b2cba091d4ca202b0d544343c9e1849bac91a94e03b22ba9ba4f7e1382ed45db6388780dd4f4b1c1c3e2db9bf0e754be6055ed72de57f08efd54eed90c9fa0e7c9f7cf4e65695d90022797b4aa4ff95fb439bdbfe93efb60fd0b64b027542908d78a8341d78237b71277bf27e24b9515094b569d4d6d6a9b644b836f4aee4a02a5e7cb08e80d759cf6e02864dc7d0b685974b5c1757d867a282ba575e7b040d7d8dd758da104e0b7fe8db4473cb0914d55a11a338dbbdc697f8c8f36015bae81a81393d76b1ed26a0526bc82cabcd23a6bc733b1f29da4e3227f4a782d4130c43632b265d83c0de23e4ce096872788b1768d00b01df9b07ce532faa7b9390e79a7edd47532959c15a128fd477887a195a747822ae5c0e10fcfae88bc8f2ce82058bad0b2d8444f5b926f672e30091ac2e4dd8534a3529f7c89b2559fcb0b44412ef7645bc7619652b9e5ae8058e1f7c2d1a96d3f6edf80251d485a44c3aa6f1ec1951c44d887538472fc36e3d954808c73c7ce351da20b938ab1828aa3d0fd8e48c64a1d2582a3d6d2706c22db29ed41c6768a47741b594bc7e4af495e209846443d612e211ed4b4334ce2f5b3f06936873e0c27cd1de5df716508a425ed9247a3fafefd5211b8be095f08ea8a5fcda8cce2935548dbcd213b36179850ea6b9d5c42add79f1a6606041b42c61016615ec5492159c14c8851dd3a1783766d306851202fba7a73d9b39c6e775a785d6c9ea87feea96a19994d722bc049b4966c21fcf38f20df218e37278100b8868b356789a5be996fa2b7a2b3288cff8f18e9f9e847d92d4e9b1785e0ea68be3885f8c26a005dcbc9544364ee6c585412e196ba8e723b42099efa9d89509c142648361bb06ad31ff6f4211dc3f11fc9d11f3ff404fbd59329cf73df86564d7361f88f6de4264928751611a13bb14968b28c11a74995b4ffa0c1bb5b635f99599957704c8ff1ed5a6d1c8fd1cf97fd0a49ed0940c11a7fd3aa04c4f857308cfaefcaf2ab930a883c6accad1d099cbe53d8d452739087eb8b62ce68c411539af4156c52c5120204135515948e31a9812a7650fe3a3c4ad6d26ea20486ef9181543417aa96197b63ad6656ed49302b9488b626df04b23c4749b83c839e643eae8af696d0d7f920a571be8414a0a662092e09c74f7b9a4c0b96c56d84e5ffa3cf142707ca6076f907e716ff07fcc8eb8221f746ffa0a04e7590516569e49ddbb3c0ebc4773df210ad1102ea9eba4c021d1b310e688ed6812dab54465fb37d3b2f4fc2ebe224c19a3078f5b94bfd81ebf6188ea649be555872008a0b68cb86da41924aba4ee350a6c513cf30e6c8a3cda46cf3f86641d19c36b5d1c090f2de068bd66eda698d088f4f9d85b5a85fb9d9bb30cbed593b61dd27adcf0e937f9d65cf898db61618ea1adf6f96bc0a20a8c0acf914ada296f27330353229d9c7db149f451aef9785783862a3e0548185fbf835b731d65f5e810868c5cf2f04f69849162ed883cf9bf755819025856dced48bd70f6562242d1a9708449c149a28bbe92819446b2604c4cb95ccd34dcf62101727458167701b80a6a3826af0a2a46b30360a7f63e5a8109ef7dfb9faa2dc006e15686747e6742171318c428121b64b4cca93967665f234951a8d5e1bf902ec0a3aae68bce5ca7caab77f040d4f3cd7fa9a3e9e8778b3beb3144b54dd705737ef3e6483d164dd658bf8dea2c9de70294fd1caa52a1426bcb4bc3da9f2ee64f3edd06ce5aece7e88de22796cf9853ea6075d1d294b5b3d61baf59cc3e0afdf30d6de82159f6d6faeaf1a802152177d80421a464094fa3288efddad41b20ba96fc81ee9222420589ff80c1cb8b55ce8c688e325723481f2591944c3926c4c0e93569ceef32af76023d2d0e45e8e497f227f7fec6bb837363f2eba5d5a20a2cbc24d039e7a32a5524fab9e047ed7d4bef3a16b6b5d2bfd9996f44409d95839e2d00fb8fc214e7897d457d8b00c3d99171abee91c0f381fef94d6f2f0006731c818447ac46ad5f2003e302beffae2f1e8a6bb2e51a6331d5cb37481de7e1c0a08186a1c81759e2828f2245375b0ceb21e22ebb02a290b1f66ee02ad0bc941741a72365b12d91db8eaa7da601083f9b66ba0133d9358c7c39018b9572822a8e7171aac1fdbc362f9b085d3bb8fa83cac26a98279193c6482be1673b2d9c1181acb4b24af1e4eb6e6dbcecf95af6de2b4d9affb9e8dc39ba138e7ef8591d2610506c271b9af12cb6ff3cf70c703d235ebd97452e02aa51943d18b034277a068bef23fcf78949a0e4f39b97f63fc8733e87de061822e7e01b82d8ab24f8e58f06dc0a73958ad41bc8a8e91ffba0328ee4ed22be63e817ff0ea6fed55f80e3579fc6da2e1be5e8e33553a769d1b8f049a8feda1405dbf3f80eab6cbd40cff3dca5511ffddf0afc9265eae036706fccf10c065384e649be55b3648b7ea040d6063aac27c485417621f7f30e82f8eff8ceaf7cf574cd9f1994f1fed8fc257be2c7d0ca275dab1a6503e92303ad0386b2571d5cf11a4dabe634c16b873aa2f105d2883e415e7e70cfaa131e84a0f5265939f88441b1cff544852dd93907b0d4fa25c57a8c77058842c921a2a071a68e28b679fbb0e1f9ed2fa6df8c1aeb51d8ae472052cb042d4f5ca1288f270958363c9c7e63f345a15b9398430d819871ca5be82ed58360f5aa442ae6a581596df0833a5d924499a5ecae1c3aed397d6c34c7f64ecd228c8d531bc67510e42ce3a468c7ee91eed22ce1a16b579946930fa75afa766522ab4eec7f1e4d33a5269e87bd7027958b36b395ddbc6bfe5a24760e044f9039074f14a85ea5df30aa0909a103af98ab5815564535f81ff0407db1f9f66cea31003d21134d78b4f5e2daba242a11e55a35d943c67d97d9b55b4ccaea6873f89ee292e36505c8b6508dcc71fefef1f36b6cfc60210080a082ffaf70b1ba717aa0a8a663fc862014d856e009b813968b807cc0513a15be02222d36e329b9b727eaa572dfb6235f42e8ea56a34b5b790a8aeaf396c015a4cd09f76336f448be4932163e378547010600fa7af368a98736c8d43d48d1e4fe3d742479b28a16938bc9b960349719651b77e545eea95726b3e613508e38a5af048dc018535eabf3b7128ee55c7582865ff2303cd3d71a9982546c3acd36cd9ba026deca1e8316c44d320821c187b1a564551e55c5a99ce93db2f86a372ba86c4cdd060989ecf8a37672d973fb3f286a4cc75a1136a2439f6ac4460619150c5b2321b222aaad01cf63055714e34059e382b9ebcbbc97dc74794b23c9dca2bbb82d42cf2d0c4704389e1a2ff23ed743f774ae05f89f697f6aed6f1575467c91771fecd57c5ceb7fe460b2dd28dab73dffe206cf31bd9580d6131805f21dc5eae5cac9228d47a91de3b74be96963656b29c352a9ec89902d41438ae4e6337b0a74db3f08aa4fee8d6f01c240dac68a9a05a1dee5ca08db40908e3babb34d633df9f13562361e9cf177787fea409febdacd3e2b96194f90fa2a57aa582f40f00ec693e08ba2072ec0486f05b462e51260b34021804bbba1be745691cbae0d6fa3eb939ed38b8a8da0ebb75f3f86bd52f21d7d300aeaaef2b4e635644505559caa7f04925b69b9909db9058d6f94f298335a8ec94751a9681e2864ee3c0baac1fcc4e1dcdd62dac1e66cae809b38723a489ae9d74cd8ce10f79ce3f630863773d062e8b42cb6f195d5699ceead368993f4456c01c78fa086fc653e968b21ee584e16b43e539a1b25097875f6abe958228ea1365895938b459a104e24484a8b63e60babc2011a9d4402a8e1eb3148e3ba9c1f4d31201162628419ef7e839214db499d28cf14c8f3c192687b34ae8a6971c380e1dc8b06827a16fb0263728001b58fa7d6358fcd0e974f435d6ee98fb488f214c68d5b7e0ab1b5f6114443fd33ca119d28659b33d6d135493d10f1ff4527d4bf6378e3c135e1b354d1cab0cebe6202f6ab3e485e4859e56cf9c349a17bd7220a7234cf2e41d42a1f0e71c83dcac033d4806d9465d4bf2c6b5b6c0ffe925b66601aff32a30c76aa241fa6ebd2641aa79478efe0d5c5c6b46d0fbd692bc560de1c2a43c662593435402ee2f4c64c95ef18661f23713da2555f6b96aa6f61483bd0cfa0090f31f89a83c499bf888b13dbbbe40585a2db907e382b7e168621ce5b5abab1baa0831daef018f76077c57431bb0b22ad7cfce146e5cbcda65d4952db2ca4f700d15e7498a6818127cc4f54568d49036ad3af9f5dcd46ebccd5e66cde53f98022185e3cd892ce42541c0bbffccd54cf38aa6d9820b7b9521e0a88cecfb27b0e2fa40e1762c485e8c33f638320c6f5c6af025e26592cd3bb0b50b9982f4122415798ee42843c1752f38a91899db6eafdd6d65d011d9925c3d4ae4f2a7374f501b94f07933482fc271b1d6e3647fafeed8abc30ac6162835e2da825563724c482da8e", 0x1000, 0x4}], 0x1, &(0x7f0000001840)={[{@data_journal='data=journal'}, {@data_ordered='data=ordered'}, {@acl='acl'}, {@journal_checksum='journal_checksum'}], [{@smackfsfloor={'smackfsfloor'}}, {@subj_type={'subj_type', 0x3d, 'msdos\x00'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@appraise_type='appraise_type=imasig'}, {@permit_directio='permit_directio'}, {@obj_user={'obj_user', 0x3d, 'keyringppp0-+system'}}, {@fowner_eq={'fowner', 0x3d, r7}}, {@obj_type={'obj_type', 0x3d, 'system_u'}}]})
ioctl$FBIOGET_VSCREENINFO(r5, 0x4600, &(0x7f0000000380))
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x44}}, 0x0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x4, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC])

[ 1005.554789] audit: type=1804 audit(1586317866.066:103): pid=15888 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/251/bus" dev="sda1" ino=16041 res=1
03:51:06 executing program 0:
clone(0x182000105, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40086607, 0x0)

[ 1005.977833] Bluetooth: hci0 command 0x1003 tx timeout
[ 1005.984253] Bluetooth: hci0 sending frame failed (-49)
[ 1006.038594] Bluetooth: Unknown HCI packet type 5e
[ 1006.043644] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1006.050829] Bluetooth: Unknown HCI packet type 43
[ 1006.057725] Bluetooth: hci3 command 0x1003 tx timeout
[ 1006.063355] Bluetooth: Unknown HCI packet type 5e
[ 1006.067204] Bluetooth: hci3 sending frame failed (-49)
[ 1006.076445] Bluetooth: Unknown HCI packet type 50
[ 1006.091675] Bluetooth: Unknown HCI packet type 5e
[ 1006.096948] Bluetooth: Unknown HCI packet type 40
[ 1007.327513] Bluetooth: hci1 command 0x1003 tx timeout
[ 1007.332869] Bluetooth: hci1 sending frame failed (-49)
[ 1008.047420] Bluetooth: hci2 command 0x1003 tx timeout
[ 1008.052746] Bluetooth: hci0 command 0x1001 tx timeout
[ 1008.052802] Bluetooth: hci2 sending frame failed (-49)
[ 1008.059423] Bluetooth: hci0 sending frame failed (-49)
[ 1008.127424] Bluetooth: hci3 command 0x1001 tx timeout
[ 1008.132790] Bluetooth: hci3 sending frame failed (-49)
[ 1009.417343] Bluetooth: hci1 command 0x1001 tx timeout
[ 1009.422751] Bluetooth: hci1 sending frame failed (-49)
[ 1010.127222] Bluetooth: hci0 command 0x1009 tx timeout
[ 1010.127235] Bluetooth: hci2 command 0x1001 tx timeout
[ 1010.137782] Bluetooth: hci2 sending frame failed (-49)
[ 1010.207231] Bluetooth: hci3 command 0x1009 tx timeout
[ 1011.487057] Bluetooth: hci1 command 0x1009 tx timeout
[ 1012.206944] Bluetooth: hci2 command 0x1009 tx timeout
03:51:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:14 executing program 0:
r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000000c0)="0000000000800000", 0x8)
r3 = accept4$alg(r2, 0x0, 0x0, 0x0)
sendfile(r3, r1, 0x0, 0x20000002)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000240)={0x3, 0x0, 0x0, &(0x7f0000000800)})

03:51:14 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000000300)={0x5, 0x4, [{0xfffff801, 0x0, 0x45d}, {0x0, 0x0, 0x899}, {0xc, 0x0, 0x1}, {0x2279a57b, 0x0, 0x51}, {0xaa92, 0x0, 0x1ff}]})
r2 = dup(r0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f0000000140)={0x0, {{0x2, 0x0, @multicast1}}, {{0x8, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000080)={0x1, 0x0, [{0x1000, 0x1b, &(0x7f0000000040)=""/27}]})
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYRESDEC])

03:51:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = openat$cgroup_ro(r1, &(0x7f0000000140)='memory.current\x00', 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f0000000180)={0x28, 0x2, 0x0, {0x3, 0xfffffffffffffff8, 0x3}}, 0x28)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x12)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r4, 0x1000)
lseek(r4, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8400fffffffa)
ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r4, 0x40045731, &(0x7f0000000100)=0x6b)

[ 1014.202708] Bluetooth: Unknown HCI packet type 5e
[ 1014.210163] Bluetooth: Unknown HCI packet type 43
[ 1014.229346] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1014.244889] Bluetooth: Unknown HCI packet type 5e
[ 1014.255411] audit: type=1804 audit(1586317874.767:104): pid=15929 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/113/bus" dev="sda1" ino=16044 res=1
[ 1014.288813] Bluetooth: Unknown HCI packet type 50
[ 1014.301741] Bluetooth: Unknown HCI packet type 5e
[ 1014.312459] Bluetooth: Unknown HCI packet type 40
[ 1014.349903] FAT-fs (loop4): Unrecognized mount option "18446744073709551615" or missing value
[ 1014.407062] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1014.413139] Bluetooth: Unknown HCI packet type 5e
[ 1014.422766] Bluetooth: Unknown HCI packet type 43
[ 1014.432559] audit: type=1804 audit(1586317874.947:105): pid=15934 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/113/bus" dev="sda1" ino=16044 res=1
[ 1014.436898] Bluetooth: Unknown HCI packet type 5e
[ 1014.474121] Bluetooth: Unknown HCI packet type 50
[ 1014.486749] audit: type=1804 audit(1586317874.997:106): pid=15934 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/113/bus" dev="sda1" ino=16044 res=1
[ 1014.532595] Bluetooth: Unknown HCI packet type 5e
[ 1014.541452] Bluetooth: Unknown HCI packet type 40
[ 1015.049307] FAT-fs (loop4): Unrecognized mount option "18446744073709551615" or missing value
03:51:16 executing program 0:
socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x19)
fallocate(r0, 0x0, 0x0, 0x1000100)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lseek(r0, 0x0, 0x3)
r1 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x0)
stat(0x0, &(0x7f0000000080))
r2 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0)
syz_open_pts(r1, 0x10001)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r2, 0x0)
syz_genetlink_get_family_id$tipc2(0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00003b9fdc)={0x4000, 0x0, 0xe75b, 0x0, 0x1b, "00410000ec8ae7bc6c4bb1af00"})
io_submit(0x0, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)

03:51:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="6e6f646f74732c6e6f63f8e63f"])
socket$bt_bnep(0x1f, 0x3, 0x4)

03:51:16 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:51:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)

[ 1016.120336] FAT-fs (loop4): Unrecognized mount option "nocøæ?" or missing value
[ 1016.142903] Bluetooth: Unknown HCI packet type 5e
[ 1016.143031] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1016.181558] Bluetooth: Unknown HCI packet type 43
[ 1016.190911] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1016.198127] Bluetooth: Unknown HCI packet type 5e
[ 1016.203324] Bluetooth: Unknown HCI packet type 43
[ 1016.208311] Bluetooth: hci0 command 0x1003 tx timeout
[ 1016.208387] Bluetooth: hci0 sending frame failed (-49)
[ 1016.249924] Bluetooth: Unknown HCI packet type 5e
03:51:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f646f74732c6e6f636173654a385ed026be7baac95e9e92596e6dff7785ed04f91ac7cf63ce296f327ddf6f1b88bd5550d14c4e53acb3ac16542966f96a01ad59e7bed284dff9eb53fabb"])
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
mq_notify(r2, &(0x7f0000000140)={0x0, 0x11, 0x0, @thr={&(0x7f00000001c0)="174ecc3002c6b74e32d0392404b701235013262b242bd57f828322b886d0a5c202491b3cd130bc4b84a6c08f8d091f353dc221714499a93526eabd2338f165246a6e448286282e68f9b9c370c57f17f38fbebcc3431ed7c31c8f3ec52a39f6702735e7b8adb81fb80a5040c82db5a60cd79a6e613e0815216b32c6e2f09894b970c0e589b90fda33348b10e338a5", &(0x7f0000000080)="fde55b0788988be0b54ee3588fdd9e14a7c15250846bc3ff1070f35d464e002b8b99386db13d0292339341b6d44c96e4f7053f46e38862077b3ca3d942567b0cecde24ba11da49a08f0bfe533b336024d11fd5b95be9e5f61b7692a9da127b87be800de5488e3c7aa8"}})

03:51:16 executing program 0:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000300)=ANY=[@ANYBLOB=':'], 0x1)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000013c0)={{{@in, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x0, 0x32}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0x9}}, 0xe8)

[ 1016.284818] hfs: can't find a HFS filesystem on dev loop2
[ 1016.307843] Bluetooth: Unknown HCI packet type 50
[ 1016.325682] Bluetooth: Unknown HCI packet type 5e
[ 1016.336728] Bluetooth: Unknown HCI packet type 5e
[ 1016.362298] FAT-fs (loop4): Unrecognized mount option "nocaseJ8^Ð&¾{ªÉ^ž’Ynmÿw…íùÇÏcÎ)o2}ßoˆ½UPÑLNS¬³¬T)fùj
­Yç¾Ò„ßùëSú»" or missing value
[ 1016.363196] Bluetooth: Unknown HCI packet type 40
[ 1016.376594] Bluetooth: Unknown HCI packet type 50
[ 1016.376611] Bluetooth: Unknown HCI packet type 5e
[ 1016.376615] Bluetooth: Unknown HCI packet type 40
[ 1016.446519] Bluetooth: hci3 command 0x1003 tx timeout
[ 1016.451840] Bluetooth: hci3 sending frame failed (-49)
03:51:17 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f646f74732c6e5b6361569ebf2da3622dff75b7508c57009b46d56734728a3d7365"])

03:51:17 executing program 0:
open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
r0 = inotify_init1(0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r1=>0x0})
process_vm_readv(r1, 0x0, 0x0, &(0x7f0000002540), 0x0, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x42, 0x8001, 0x0, 0x0, 0x0, 0xfff, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x3}, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffff7fffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000300)='./bus\x00', 0x0)
fcntl$setstatus(r2, 0x4, 0x4002)
io_setup(0xb, &(0x7f0000000040)=<r3=>0x0)
io_submit(r3, 0x8, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000000), 0x200a00}])
time(0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x4002011, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}])

[ 1017.221976] FAT-fs (loop4): Unrecognized mount option "n[caVž¿-£b-ÿu·PŒW" or missing value
[ 1018.206387] Bluetooth: hci2 command 0x1003 tx timeout
[ 1018.211794] Bluetooth: hci2 sending frame failed (-49)
[ 1018.217273] Bluetooth: hci1 command 0x1003 tx timeout
[ 1018.222559] Bluetooth: hci1 sending frame failed (-49)
[ 1018.286171] Bluetooth: hci0 command 0x1001 tx timeout
[ 1018.291596] Bluetooth: hci0 sending frame failed (-49)
[ 1018.526319] Bluetooth: hci3 command 0x1001 tx timeout
[ 1018.532022] Bluetooth: hci3 sending frame failed (-49)
[ 1020.286010] Bluetooth: hci1 command 0x1001 tx timeout
[ 1020.286063] Bluetooth: hci2 command 0x1001 tx timeout
[ 1020.291480] Bluetooth: hci1 sending frame failed (-49)
[ 1020.298104] Bluetooth: hci2 sending frame failed (-49)
[ 1020.366051] Bluetooth: hci0 command 0x1009 tx timeout
[ 1020.607568] Bluetooth: hci3 command 0x1009 tx timeout
[ 1022.365698] Bluetooth: hci1 command 0x1009 tx timeout
[ 1022.365780] Bluetooth: hci2 command 0x1009 tx timeout
03:51:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:24 executing program 4:
r0 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000000))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
write(r3, &(0x7f0000000180)="5cad27ea6784e2a77be01839fde571c255d12bbc13ff690f3a3c4d9e59a597fd7ef35fd8297ba547a00fd24a0661e610bc1ca947772c47451a45a85f231d37e8787290a9a7", 0x45)
r4 = dup(r2)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000000040)=0x3ff)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ftruncate(0xffffffffffffffff, 0x1000)
lseek(0xffffffffffffffff, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x8400fffffffa)
ioctl$VIDIOC_EXPBUF(0xffffffffffffffff, 0xc0405610, &(0x7f00000000c0)={0x2, 0x3701e471, 0xda, 0x80000, r5})
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="6e6f646f74732c6e6f0261736554d018e40763599a7dc18d1ebc699cfa71cc41227f5ae15406bda2fe19c2c5e234821d834e8a91dd"])

03:51:24 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x46b2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
r2 = gettid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r4 = perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1, 0x9034, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x1, 0x3dc, 0x8, 0x3}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x0)
perf_event_open(0x0, r2, 0x0, r3, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x7f, 0x80, 0x3, 0x40, 0x0, 0x5, 0x2, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x3, 0x1545c713}, 0x14f89, 0x1, 0x0, 0x9, 0x200, 0x0, 0x5}, 0xffffffffffffffff, 0xf, r1, 0x11)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10, 0x0}, 0x200408c4)
perf_event_open(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x0, 0x6, 0xdc, 0x0, 0x1, 0x1a410, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x0, 0x5, 0x800, 0x0, 0xffff, 0x448, 0xcec5}, r2, 0x5, 0xffffffffffffffff, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40086602, &(0x7f0000000100))
write$cgroup_int(r0, &(0x7f0000000200), 0x400086)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc020660b, &(0x7f0000000040))

[ 1024.422903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=33895 sclass=netlink_route_socket pig=16032 comm=syz-executor.4
[ 1024.427909] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1024.439814] FAT-fs (loop4): Unrecognized mount option "noaseTÐäcYš}Á�¼iœúqÌA"ZáT½¢þÂÅâ4‚ƒNŠ‘Ý" or missing value
[ 1024.456486] Bluetooth: Unknown HCI packet type 5e
[ 1024.461562] Bluetooth: Unknown HCI packet type 43
[ 1024.474361] Bluetooth: Unknown HCI packet type 5e
[ 1024.503449] Bluetooth: Unknown HCI packet type 50
[ 1024.526698] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=33895 sclass=netlink_route_socket pig=16042 comm=syz-executor.4
[ 1024.532831] Bluetooth: Unknown HCI packet type 5e
[ 1024.579278] Bluetooth: Unknown HCI packet type 40
03:51:25 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000080)={0xffffffffffffffff, 0x400})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000040)='./file0\x00', 0xfffffffffffffe00, 0x5, &(0x7f0000000580)=[{&(0x7f0000000080)}, {&(0x7f00000001c0)="5beb51ee2801266cc1148e08e7f8b05979e1a7d21732b1fde661c6053572a251433eb309a304f84dcf1d30cf4584cf7b8c538f4a368a5d35198a92805c0dcc7c9d06bf0bca3f30632ceeba7baec962957ba1deff1e5cc5e354a40d9ad348dbf5adbafb59031a682986e251eb7412d5605e35c3fd4eacdaec4a3079cb7197b41a534eb17b6bc8a81d4557423a8a57ecce1b1d7ae3738d339603fce4351e350127b2dca5229bbe57aa8613b9", 0xab, 0x8001}, {&(0x7f0000000280)="07033f2501a0d06655a744f886dc88d897b614744cacbcc2651dca1dc9ff9e41b7ca4bb2127739fd7b6f7f435bc008777a861df24c6845461f652d879a6266a678688d2169e58e45bf45b0d7eba1007d59aafb6f3171edb99f2663cf6200394359237c4a4004cf54cd16b93f1d01b6818c43e978eb5e1c1a98c4dabdafc1092c52a5d598a824b7fd965fdde701425701cbbac875f75d5079fbdb36", 0x9b}, {&(0x7f0000000380)="8c0573847b1ab8177eada9ed0370d0eb2532507f75357fc9b1f646ad19b397bc38d55294cd1e6a4f31d8090f1c5c1dcc6db7eb743aa9f98e99c824669640e67dd64042a05238563e1086602e9bd000eef78d59350d3ae092ac2dd375123091752df4efff8cc5320f37a93f90b4785772db58ed98123ff008391f38f3d52453f157dee15ec153c2091bd841c717c13648fa4c3444f875e87e68c5ef8e5cc3b2aa9b027e1c2020a7be13fcee6b2182f457cad781d61af1431315c8bbf3055917d66c898deeda8ab311f3a5f2e15b1b", 0xce, 0x1}, {&(0x7f0000000480)="944f80f13dc26b8b475e07a7d42cb510c10f2db3bc67d9ff61c278bd4c581da0db79226a7a869488ab9b175098ae49b44ba8bd86929a8cd3a7e6d13a4e19018d62136970f78e51bf1ba281e80c941684aaa7211af435f9b6bcb78f0a08f2836413a23acbbe2b985a52e67b0287417ef496b7c50a37cfe472608017e0022ffd1b0101b8d38c273e2dba2dc5d24b3167cfe182bb8859e7cfcf164bfa9fb4d641ea01d7086f95df028e0324325e2588666484d6a4228d6dea6f40ecfc0f9c3623984caaafd836f5", 0xc6, 0x200}], 0x102005, &(0x7f00000006c0)={[{@alloc_mode_def='alloc_mode=default'}], [{@fowner_gt={'fowner>', r1}}, {@dont_measure='dont_measure'}, {@uid_eq={'uid', 0x3d, r3}}, {@fsuuid={'fsuuid', 0x3d, {[0x38, 0x33, 0x66, 0x33, 0x38, 0x39, 0x63, 0x35], 0x2d, [0x63, 0x66, 0x64, 0x39], 0x2d, [0x31, 0x35, 0x6a, 0x32], 0x2d, [0x37, 0x35, 0x55, 0x64], 0x2d, [0x31, 0x65, 0x38, 0x0, 0x3, 0x61, 0x63, 0x66]}}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@subj_type={'subj_type', 0x3d, 'msdos\x00'}}, {@hash='hash'}, {@subj_user={'subj_user', 0x3d, 'msdos\x00'}}, {@fowner_lt={'fowner<', r5}}, {@smackfsdef={'smackfsdef', 0x3d, 'msdos\x00'}}]})
r6 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="6ec564039b5b"])

03:51:25 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x46b2})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
r2 = gettid()
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r4 = perf_event_open(&(0x7f00000002c0)={0x0, 0x70, 0x0, 0x40, 0x0, 0x0, 0x0, 0x1, 0x9034, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x1, 0x3dc, 0x8, 0x3}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x2400, 0x0)
perf_event_open(0x0, r2, 0x0, r3, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x7f, 0x80, 0x3, 0x40, 0x0, 0x5, 0x2, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x3, 0x1545c713}, 0x14f89, 0x1, 0x0, 0x9, 0x200, 0x0, 0x5}, 0xffffffffffffffff, 0xf, r1, 0x11)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10, 0x0}, 0x200408c4)
perf_event_open(&(0x7f0000000140)={0x4, 0x70, 0x0, 0x0, 0x6, 0xdc, 0x0, 0x1, 0x1a410, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x0, 0x5, 0x800, 0x0, 0xffff, 0x448, 0xcec5}, r2, 0x5, 0xffffffffffffffff, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40086602, &(0x7f0000000100))
write$cgroup_int(r0, &(0x7f0000000200), 0x400086)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc020660b, &(0x7f0000000040))

03:51:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x610842, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x14}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
timer_getoverrun(r1)
r2 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000040), 0x4)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x4bc340, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x800004)
flock(r3, 0x3)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:51:26 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:51:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES64])

03:51:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f00000001c0)={0x1, 0x1, 0x1000, 0x75, &(0x7f00000000c0)="94f683eb82c76dbbb2eb07149e6f8e53586f67cfd4b23df0d544c6d87c5cd5be0f233405fad1752bc91769efa147945bc11c583ff5d2889925f0df03ff34dec1493e725166ad570c5a776fcac9dd10221ba09d3854578e0f1a60c52a4acf25615864d16dfb609a2b378c4fadafe9ec11bc75a60e3b", 0x53, 0x0, &(0x7f0000000140)="85f8d5c5af3e5b47697b88098298ed91be4ee73db2454b3b0079ce966ce11aa10064468674c8e081f74dc7660f1285996421fede653c2203abd277f69d04fbdf4ba6082eb7eaefaa75364669580ed273cae15c"})

03:51:26 executing program 0:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffffffffffeae, &(0x7f0000000980), 0x0, 0x0, 0xfffffffffffffea8, 0x20000001}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
socketpair(0x28, 0x6, 0xfc, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000100)={r1})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00', 0x200085})
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00')
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x9, 0x0, 0x0, 0x10000000}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000000)='l0\x00')

03:51:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x4001010)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
write$UHID_INPUT(r2, &(0x7f0000000240)={0x8, {"14f6dbeaad1458d059bb4eca2687ad19769c67495782b9900a9587cf2d26f4834690ce85d9184d6c3307ddd11b0c83c2b899167a8d4269cccdf1a1bb43413cfd48129c1bd6704a86da19ec204750ba742f3f035e4b40c2cd82faa740a1da0476faf0908b5f12a0ae8beee12fba4c1cb7e69c726e8d178a27d9645196c7e753f8ffcbfc85884e29e650f074c414645c7bd88b33f1f369a3ffb0be9cfb92c25ea375ffbf7da1d2be1ce8b11d1bcb8db812c79dcb69642bcdc20c1b9a17ca3c5771ce53823351d836bc9c8c1af7744a580c68b32c6d0ebeb38186c4ee94aadc107597603249e194347fe87c182eb94feedefdf3899d29d1f80d63073e0fe9d12e1a46c7f06fdb99a2b2a45b7142e8b8224ddbad966d0c7705f715975611809e93d41567b4e690e9ce72085dcdfc078810e1cbf521506757e6084fc88685d2b935301313f9cc2d18aee1bfb3dc59525240ba1f0bcb93ede058027161337d44c1aa8eb754075270d4a7988ca65a5154e30690a8008e013b68d77b0f699e728f637f1e4c15251751981fd83158b9a84c32bac047d1fa640984a7c9373153687da9f2b7ee798eec9201e9d997311f81f25d6d2cddc6fc8ec69990fb8a93ba84a49fc05d6b3c10acbaa2d4493029227a9bdc473d669e782ee9ba3746ba6dace0d7ba32447f03f1d53e909ba2fade2ca0a1fff9c7ff8b47327f5a44c0b5a367cb228f9383b98014b09f6a2238ea8b07a8172cd74367aefd9de7c40e50d155280735697b2667af5a430073a4e4078b12b2d8e3937ea6646fb0e32d1d62b02cfcb0bff7a54d6909ef5d9207bb6249e2f3cba3fbc1b3b85f4adedbd44bfb02bd1bc39b389f54b1faf678a745b0b2bdbf2c5a04f1db202a1e9e5ed42a65b12e1376877848664d207686681989d50a82ed3ab97f122637b86290b259bb65ecc9d213fcea892f03d2e3ecd1d5530b82e323519bb9371e22f7f2d7d92d54cf6cd43e72c05bf6d4681c6e525ba166481bea6bc274d1c156a6fadeaa9ec344caaead82c0e962efd546086223007c12a087372e32c04533350bcfb3f4e53fe1904b6197dabe62ffa36fc6be09e9043e772d72d3bf3259dba25a2185e979dc6c2d2f5484a3d2e56f9da696e9e24e751e80aadcec4d9d518d76e3d9941c6902b3f52ba8f520bd8ee9582aded9ae504418ac06dfc85bb500aed5a340f2a7182f8a141f6988f1dc9dd116087ba9cf25787e87f0577300037cbe867b02486802f0ac3cc54913d1adf897c5f188df052f48a29d6d0efb0f7e10892a314241c7edbf009124d308720d73b543394bb12fbdca079c249fa62c664e2b444f0e9d76d9b12e567ce417a0955d63c6d576fe4448aed4ed5b132e90c7a362867d68ab6f8ec478e1588588de52d750e0a3bc1ff6fb36e31dfb06672b0c1c1caf1c1703c72d8524dcd8b88b96af6a37ea24855e9f86e729ba277d8018cc1ccf2c8036c34dd083953a01c02c5864d219390e963131a41cb1b65d5877fe3faf2cac04450e18cc09ad653a1888cc245784d1f5e6cb6a5af99d56ef0ad596c1bc88b058b6260b2dab89d862aa46937e4593328e2354a3478351c3ffab7130090975147db77846b7e986ce5845807a356cf7e4ee2a5c8b6875949144515cc6aa908b166c55f78fe85c66054d9a0baccf75b6d6943b319e59f47a62db06c6d416093469fb9995900a9216039ee2ba69c89fee80f64a04161e1e61e0133c1171a4873884f1f3145d187213861c6e89b608100aafa6f3ee13891799836445c0425e65fd8898054cd24fb69bcfe6ce1a6315954b1f810004d59d8090a7c0fc0a264fe7885ae2165c38cddbb6958e66f04074c3f03749ee891eee37cbb1246d83a1292529bf33ed40cff5e9e75f64e01861602e8473b566680f95dfa9349c684a4912588d8fa0a9dbb1a93b89e9b786e493f8c15ff87716c00f106b22b64b366979ed59e8ed53130dce80b3b08018844e441578a61cab679ac7bcd56a31ab45931dccc2e2dabe8247c58d1b6abf3a3a71195493e9b6f4450448d400086ce415f5c0ad7d4a5a1687e24acee3099acc63f8a372e81f3de4a469bb098919065b12e2bee687256a823eb20706cb5b2729270ebe6a3c4c290cd0f943a5bb0f8195177e08c7913a3cf1e7bbdcd389a9bd566db8cdb514a837d34a340a9d5753c06f8cfb80b240d99a2e1f77dd86cbd60c8cd79d9f83b3ad5ed0e05ba4e6a1c911a9bdf6b8e4d6496da0f45e17e267182336ac4cd5797a05cc7b53e33c06d806e265cb0b257d7ddda08bb82e9594b9bb82ed27fff9b34a43b215ff496298d2f6b067379fb1b0c8ede02f3a649093a6a52477778ecd4c0692f7848445b2ea31690ed98f838df34224aa61b97f66d0693aa4493311b8755094d8c18aeca1bf2b725aca0fd032d6dd43416d1a5131f45dd96b172ba9730640b0d97e6b2b29cd1fa708453e9301ace7fd9cf55ceb20a58f57724cdc8d182bdd6c1494dfc91a7d9b5ca07886edb84ff653b97f0460e19f0bc15c1ba0c44d7d7e68cf77238614d04eec84c41d41ced6ea7da4d168da3f9db45bf2a229f6c31fa0c0cfe4323595fce8abea499d494126bc379e52e53d7417fa28e57f3374ffc8ef85ef618f08e72e7ceb7d69f7eeab3a76039ed2c82633f3a2a7edb1802e20bbc89d5fa18f8dcb1624617c7ef84e4ee13ca425c97137163e4e68851757781374a00036cfb85952c75e57c992fb19b8f375c6c6e4c4543a9bd190cdeef2f0e4bb78b5d911c9c81445799ed70d947d231102e034829d3c96dd481429e0aea3c9f436d5bb582e2a629d171424a180a496cdee2e03ec8b39abdd7ea0bf8d9382a9795304a8048f23a7f50fc102b7e0fa59da0eb82a96dca45736e85b96dbea9f424b38ac47ff834d34e2a878a572106171cbc8d87e565a6d55f8dae8b9e7bcc0b3b7f52761493a23e3c8b7bbb70485e8dd4a450a430e963a3b605810d511575bb37e73e6446f4b29e230267cbdfdfe3b3b91032b76d71c6bdb71d73a42ea21c4a4bfe3aed6e807d3c38a4662167aad01e0619562cb7e186d1497ed31ed541b98d1018e9a750524161eb7076012430d0f5de9bd0da02b2dcf3cbae0828d76ded09233f9424219c8005a12a2b4f699f9176d61991940923f5f5cce01fc8cff0c8d316e54b4f533cbffd569d4f97c6180605391e21605f5bcbfbd08433b8b9c304ef09c5fe5b288313e23dc478c794f102176eb9dfd656284f5f31130b40b36c9996faa6ee77ab5837d6482a84225a5ac1d761f8f791a6250b54191bc148fd11b8467b27ba156e981843b759fe32df77bbd6d9bb4921cbd345bc87320290793929d13bab6599f22d7b1b7d7bcf8895bfe10aaa9d12d6648d02dc9eef183975ec14cb9b9f9d2a39a5e303c2a5d5cfe5f2bf09b8e3c87803fc3467078e638054070702081226547feb4ad6afd42d77a8a9d5dbf8e392dec5a43992e18e0ecdf45b70dd84d6ead6e303314feb8a55eeb8465890b093697140b3ffbf3fcba8f6676c71ad336fef8bad0200b7581307d7a844d5b6f6d127a7d676be13e23d15a10d4da93d4f39118e5bd4e0f871c5f0dcd86b6e942666325ca77dc6cdaf56c157b6c3ff4ddeea1770f2f2a983b6daf08c29fb4edaa728aa36917f21a5bac96d223d3487511acf54bd2498db35358a6e0b61075b15155e07f8ee2222c61b9155e70c17a2437c09f5d97ace1dc50d83523e1e88eec782273e1f07bc72ee7a03253d473fb405ce356192cea95040f726797f5a8bf321781927728fd08b32817121644bb1fdfa791b59dd1bb63a60f27339d3d8b294dbb668c6573dd38f00dc20d18e9d2e651dc32747d9d378426c955949eeade81f29edb78e5858b9c0f85d6f2e7480d490948efb80d7f1cde03863a5fd1091378a87c6899ca77d23e35a363b21dd1961c1e5dfd088780a27e89994583e49d1ee4377c92013244138c8bc9689fed83ac57481d3ba8a53f9277367e7ca963ae7484ad557608e2094f8f87673c693c07ce2de55bff277fd73417c7832fa51234a3349c07f3c3fa408e084bbb9794317de75f664eb13b9307bf204608a9468fad80e2f010d4be04bf1ba2d4ed818c405aab81fe96e709ed9774f92bb090e257f980917260ec5d717c7da0d796cb86f769112c26e49322e861aa814328c8fa400ebf798d7a5c24d25b05162c1a2f513b30d0283d0872bf2c884a8ef0c7cabb9674e8e391faae5fdac56d644d14bbd82cfcab2a3aac97ae1b7fe4bbd939e332f14674fde5978477384c42634f7b6c7264127a8498299ecde0c82b80a832e63b2da86ff3dbad962bf4e2c33baca179326329542bbc84ea3f6f6277278a436ec68b72e935635153d2bdb07e8e6b33390c0fda768f57e3546fc2b22a5b050997bae3c1542a9c536e79a4e7421655ea5589b6e60e37088f990ca9b78f9d90671ba462b833d0a1ccb1d7050ae32bfa3b75bec1fbed75c0dfb14ccd34eab4dd429d8a4edf0e992c70218b7205898e55d74762062b41f5a31e55372fba0930f3303cac3c08dec27e7cc512b0cb84d6e3fd3e266a0188e4b04d19b9bb7e3ce267044f533323bfbca15f7b54b0a84f797690f91e8f0a70293f7451c88cc45b7274bf7c53ced4bcdd42bc3e0fd7198797e4f04cfa76ac6653a5764d2248f3b0e97277ae09b0f03bc83ffeb60440be011b8d6a40fe24008ec0cf0e2113c82c66e9040136171c41aa47ca98fdd0c5fbfe86ad6035550f98bcf27e52096152d98e8114a5920b1623521e0bbf7c1ee795f15ffe68bbb58b79de7387995bf6f94765ccaf9b6e3927d5ca45b39a90cb50bc441a66f80708280e0f7ceddc75561698821aaa77e5d86c367f9bcb37e793551dc3721c1aabd9911d0cf3f42b97a162a71c5011857d5a96aa5fdefd96e25077bec355ec8ac46e2a2367451030b7581970ebcadf8c43ced4ebe478f5850b1e78d72011cfe8918faddfa5bd53886868eb25a27b2a067350170f9be2892bd1c34409653309404573bcdf01e2c2d6df2771819bcbc0acea8c083626f3cd019a207e4d0adc04a2c9ea3a801978d1b2bee38d8b4cf1e25826d6720ce31fbb7e6efcd93691b4fec0da6214c86ce5f36246194fa9b7d7c09193269c8496a18a03c942ad943cdefd8018f71d91a7ea48aa8c5de712159991e4a3e95dfa6dba201dc550d8bc82116e29ced2627b0087ca9eda002ec8e3cf5dd5bf927b114473cd41af32069526ed4de484f5b2e2c5d67f20a6aa467f78c87bb3d48f9be648a84762a43c88a5bd723b660e3441a5e1676d96a38b07075b54bd072f27265ef40812c107bd63fd9ce606544b05c9c261a457a6d2d952628bfe546d73e06ebb78d12d7413db6d75b3f7537269797b59053f00de62017e4e39586346ec827b9ba2805f87e890f2f5587fc8fed3558e901bd741e7ba569eba3071e153f5fc0df93dbad74c066f8bdc05c382db76b5e1e23523940d46fbc134a906737a13a837d0a6aea131711d32d7419cc70c8b0ad302d73b17d72512365e7eaf55ac8ac9e7595ae7e9feafcd1be82ea304d1e2c7e9ebbb3dc842308e7d3fa68712a441eb140dc2ca1fc86e9ffb2d4f9130932ace2a3704c2c5d7a3010c95173a93e0ef9b180401d196fc3e8e3f37df763137686009795acf42a2599d83ed716d0eaaa036090ceb9402fe62f4474c22c24cc410573536dae2e587181e55e517475eec2db83b495d2cdb3f3a27f615d5a719ff4704fe7baf6cfdc51576828ac5c57cd1cd0024db3702d5e22edabf41a326e328b517a6e2e0b3b016e00200ddc0", 0x1000}}, 0x1006)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1026.351733] Bluetooth: Unknown HCI packet type 5e
[ 1026.356969] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1026.363216] Bluetooth: Unknown HCI packet type 43
[ 1026.368912] Bluetooth: Unknown HCI packet type 5e
[ 1026.380381] Bluetooth: Unknown HCI packet type 5e
[ 1026.385574] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1026.389424] FAT-fs (loop4): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value
[ 1026.391518] Bluetooth: Unknown HCI packet type 43
[ 1026.405583] Bluetooth: Unknown HCI packet type 50
[ 1026.412226] Bluetooth: Unknown HCI packet type 5e
[ 1026.417553] Bluetooth: Unknown HCI packet type 5e
[ 1026.420190] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1026.422918] Bluetooth: Unknown HCI packet type 40
[ 1026.433408] Bluetooth: Unknown HCI packet type 5e
[ 1026.438779] Bluetooth: Unknown HCI packet type 43
[ 1026.443779] Bluetooth: Unknown HCI packet type 50
[ 1026.455244] Bluetooth: Unknown HCI packet type 5e
[ 1026.455768] Bluetooth: hci0 command 0x1003 tx timeout
[ 1026.464126] Bluetooth: Unknown HCI packet type 5e
[ 1026.478952] hfs: can't find a HFS filesystem on dev loop2
[ 1026.487769] Bluetooth: Unknown HCI packet type 50
[ 1026.492267] Bluetooth: hci0 sending frame failed (-49)
[ 1026.492781] Bluetooth: Unknown HCI packet type 40
[ 1026.509137] Bluetooth: Unknown HCI packet type 5e
[ 1026.519400] Bluetooth: Unknown HCI packet type 40
03:51:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
fcntl$addseals(r1, 0x409, 0x6)
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000000)={0x0, 0x80, 0x188, 0x9, 0x6}, 0x14)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1026.601084] FAT-fs (loop4): bogus number of reserved sectors
[ 1026.611515] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1028.364889] Bluetooth: hci1 command 0x1003 tx timeout
[ 1028.370255] Bluetooth: hci1 sending frame failed (-49)
[ 1028.444868] Bluetooth: hci3 command 0x1003 tx timeout
[ 1028.450407] Bluetooth: hci3 sending frame failed (-49)
[ 1028.457135] Bluetooth: hci2 command 0x1003 tx timeout
[ 1028.462699] Bluetooth: hci2 sending frame failed (-49)
[ 1028.524895] Bluetooth: hci0 command 0x1001 tx timeout
[ 1028.530239] Bluetooth: hci0 sending frame failed (-49)
[ 1030.444712] Bluetooth: hci1 command 0x1001 tx timeout
[ 1030.450194] Bluetooth: hci1 sending frame failed (-49)
[ 1030.524667] Bluetooth: hci3 command 0x1001 tx timeout
[ 1030.529984] Bluetooth: hci3 sending frame failed (-49)
[ 1030.535460] Bluetooth: hci2 command 0x1001 tx timeout
[ 1030.540898] Bluetooth: hci2 sending frame failed (-49)
[ 1030.604760] Bluetooth: hci0 command 0x1009 tx timeout
[ 1032.524430] Bluetooth: hci1 command 0x1009 tx timeout
[ 1032.604433] Bluetooth: hci3 command 0x1009 tx timeout
[ 1032.614975] Bluetooth: hci2 command 0x1009 tx timeout
03:51:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x4b})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:51:35 executing program 0:
sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0xfffffffffffffeae, &(0x7f0000000980), 0x0, 0x0, 0xfffffffffffffea8, 0x20000001}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
socketpair(0x28, 0x6, 0xfc, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f0000000100)={r1})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'\x00', 0x200085})
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f1, &(0x7f0000000080)='ip6tnl0\x00')
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x9, 0x0, 0x0, 0x10000000}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f2, &(0x7f0000000000)='l0\x00')

[ 1034.690995] Bluetooth: Unknown HCI packet type 5e
[ 1034.696832] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1034.713441] FAT-fs (loop4): bogus number of reserved sectors
[ 1034.720643] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1034.722953] Bluetooth: Unknown HCI packet type 43
03:51:35 executing program 0:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200000f000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x19, 0x0, &(0x7f00000000c0)="b9ff0300000d698cb89e40f008001fffffff00004000632f77", 0x0, 0x100, 0x6000000000000000}, 0x28)

[ 1034.739561] Bluetooth: Unknown HCI packet type 5e
[ 1034.744968] Bluetooth: Unknown HCI packet type 50
[ 1034.754306] Bluetooth: Unknown HCI packet type 5e
[ 1034.759203] Bluetooth: Unknown HCI packet type 40
03:51:35 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x0, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x10]}}, 0x80, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080))
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000002c0)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x1088, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x500, 0x1f, 0x0, 0x0, 0x7ff, 0x0, 0x9}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
r2 = gettid()
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x2, 0xf8, 0x7, 0x6, 0x0, 0xffffffff, 0x88008, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x448708bc4aa24710, @perf_bp={&(0x7f0000000240), 0x4}, 0x2025, 0x1, 0x400, 0x6, 0x2, 0x0, 0x3}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000340)="f9ce44bc713904119247e07734414af1578d2594f8d5a943ff681de407c1dbffb1b7ef7644b2102f78259581297d7b8f20bd25ba190a84a601d09096db64beb251326f8903e0f7849c640c3bb16d569aa41b242c8da4adfbe619b4121969be8a8e1b91ea34300e9a2a9b2754df2c5f3aecc711ddc6e25151fa24fd31e2b55b06729329fd18dd260e74db52f3c5169acc307460338afbb4ef9c", 0x0, 0x4}, 0x20)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x2100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x8}, 0x3c)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x400c00)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)

03:51:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x80000001, 0x80200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f00000001c0)={0x8, 0x120, 0xfa00, {0x4, {0xfab6, 0x200, "ef5081618c945e16079d6609d2aa1d342e8212f01fefadbe670756fe42056e65b110776133233df6040e00b09e9fe09e84f91c1f00ab2541cde9b1c733c6ad85cf5253dff3bd38760893893bac24a45e055e5fb006a413c031d4ff9ed0d48967efaaf5dcd1e44ee46eb2876b7f5a5746a55657206c11cb8a5f15e01267fd5cc85d7596c839bb56cd613341c1199b175166d5505ed7f041b395753f8a75dca65ee628b76505f6452d4723a23c4ad6375b0b2193d6f37a1fd0cadf7ced145cf8fdbf9662879ad9f139977b077c8bdb0d39e0009172682ff2cedeb141698e79bdcc13cb661a694769abe71d405a3a6a83ab47245dbee4db53c71b755f7f1345d463", 0x6, 0x4, 0x5, 0x0, 0x7, 0x8, 0xff}}}, 0x128)

[ 1034.831570] FAT-fs (loop4): bogus number of reserved sectors
[ 1034.838250] FAT-fs (loop4): Can't find a valid FAT filesystem
03:51:37 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x0, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x10]}}, 0x80, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080))
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000002c0)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x1088, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x500, 0x1f, 0x0, 0x0, 0x7ff, 0x0, 0x9}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
r2 = gettid()
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x2, 0xf8, 0x7, 0x6, 0x0, 0xffffffff, 0x88008, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x448708bc4aa24710, @perf_bp={&(0x7f0000000240), 0x4}, 0x2025, 0x1, 0x400, 0x6, 0x2, 0x0, 0x3}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000340)="f9ce44bc713904119247e07734414af1578d2594f8d5a943ff681de407c1dbffb1b7ef7644b2102f78259581297d7b8f20bd25ba190a84a601d09096db64beb251326f8903e0f7849c640c3bb16d569aa41b242c8da4adfbe619b4121969be8a8e1b91ea34300e9a2a9b2754df2c5f3aecc711ddc6e25151fa24fd31e2b55b06729329fd18dd260e74db52f3c5169acc307460338afbb4ef9c", 0x0, 0x4}, 0x20)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x2100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x8}, 0x3c)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x400c00)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)

03:51:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, r4, 0x1}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f00000002c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)={0x114, r4, 0x400, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4d}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x16}}]}, @IPVS_CMD_ATTR_SERVICE={0x58, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x41}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x12}}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xff}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1a}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'nq\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x6}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xe16d05a}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x3}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DAEMON={0x48, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team0\x00'}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x7a071d9774e8b994}, 0x7a07b06cf14e0945)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x00ocase'])
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
recvfrom$l2tp6(0xffffffffffffffff, &(0x7f00000004c0)=""/100, 0x64, 0x0, &(0x7f0000000300)={0xa, 0x0, 0x0, @dev}, 0x20)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x2}, 0xe)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x3, 0x2, 0x0, 0x0, 0x0, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x8804)
setsockopt$inet_buf(r5, 0x0, 0x2e, &(0x7f00000006c0)="97cc5503bd2fd3eba25f0501e2a7a59d5a99f476dd80c4d658e10a97d61e16a064b192c057222b5480641ef129a6180efaa3787d9b8d5d358b46cf1bd748245fbc32f6ba6632174cb62fdcd0d26b169e0cfcf3e20dcc5742da2a47092f01f50aa02899209b512c0b7c6f50b0dc7057fff331cd00475a8b0b15da72146da34094d1d08a0391f8b7333fdf5092bfcf38530a5ebd5f546d5680d877bb31c4ce5f8cedff9773ca2496bc09b430903c29b14f607de47a917425eb7b1cdfb67d19c6b8c913fe0b0bc9b8c8a6890823df9d6945640b200b0170ca19897031162be0f4bda1bc9c75dabc44924bfc27f967c9f510ef73b33384e9c599de356507c4d587d1accd679b18aaaf35679234d029a1b79b7cb7f468184e2bc8c774527f3b7231fab163bd0e23419f2de65d73f2dd31e6a62c94aa31530499f92b3365a38477bdfd9122e827b66a38de3e7daef8fac497b83022a33d22b0d78c19602e3798f4c79a13571318fed86765cbee98f9b779839a0e90bb0bc1d5ace5d83c2c22f5a7e877aafea008176a890a2dfc662665ede9dc5879e573fe452edf744372dc2c42f5b73395ad49e03f27f5b364b3f6ff12424e768d404b7ba59dafd33f665e844ca3e00543ae2906a459fb59ab655b872ed1ff6256c94ade2f9457c82ffcf7c032b7b0396e7115a2c801d3f654be512f3c16dfc762d7e271f1feeffdb2a25c5b9329967896bf394415b40a1b4bbab5eab212d158dc23fab8f7f5bc7c25ce55d3707a29f8432e7e0450e007ccd190fcd95b96f06e75237c524dfe500711d9ec06195195d226af79cdfa08004da840df467220ae2b34bd38bbbc0f98072b7506b2df872e848526606df69b79eb1e6211df3e91223408cef199c3afc047d5856e17ce1ae84ba150132dec2a2c49f62d56c80db5e21a227b3c95749f1551fc173e6e894ca50f4f334ca51591e40f5113444843e002b42678ba1637820220fb6de3f8f41ce3770faddc9ca7b01a1f23ef42cedc4c9611d344f68491b06fd5ccc0d2ffc8c3a2d0ed5a5b429562d43618c2bbc7f886c20ef6cec582f848d94bb285831f8ec804de5ed6a10708ad08a32d43df850de28a145c1150ae69002f27fb0137cfb06bdce556e72ec370bf9c458548aef23db5df34184f2feecf696977fde7bcdccd1937ad0bebfe3897e0494c2e0b41b5fc294009855933629394e735b3b004b4cd43cc7c93d0d6e26bf2762a3cfc9ea86a7a03e679ee3fae98be63ee3e9e9d8410384385f217f23238f1951ebac862a0fe74477cf6d2a417c7e65560af99b2cd850b4705024a31a7cd52de9200f5120306427cc8b28c56fc7da1aa443e88ac3910def459c83f76937e9c4df0b9f4255d7c8e2b73331b6fb2488d88564c45e5eab653f694b2db5b600d9cdd6b3cf226c0e8a51b1cb66058a07075d717a8f5eefdbdb0b957bb40af05aaeefc3dfea9859662dd3f921faa5146a5b780470a8bc72b29ede8cdc28617f507645ada8c568866a0afcd32afa0c65d58c788cb417d08e0aaedee4ea52df1f8f0a360bd354e17f9f3ade19a84ee5def3786ddfbef8b67d4df92a2d6c8bf9d49169eaf32f0699ab7c79f9ca99f8e88cdd7276e9cf992cf0f2393724614f7f38f8fa08a357f3a77f81a00a7b8a96f6a3f3088f8a7f7a7cf7bf193476d2b6fa09f20c733fea08ee024ee33377cc33b06eeb6665a090706a8f18a34c702ef13f94d98f78dc9a64f68eacb3213fc27b9d839423ee42275280cf37764dacdc446495cdd75d77f84a20df3a0996e1910ee71cf0022eeda837a61b00c8eb46a5002066d325485282bed3d32debf64e0d07656e687ac0ef8abe2a17ab245544f3ffc46f8f6bfd7a4374d5aa377c0febb11b80aa9a6763a269a5f5650294380ba8c0be35bc02cfea08dfc4401666cfce51c6bb0ea40c9ee1243b96ea6c1f78b3f7026f5659c3f2a0a3ece1174b769a7ffe8196d074a46c5ab3327384a22a385f290ce52f98d746df3e4a7850dc402c78b9644e6c3f9f817871d3c16451252aeb2a4a7a7011f7ad527b2385ccba5319dccc75fd2333307fde7aea543ae68bab0cb4c991d71e02c919706a6af126c8d1a40f12ec2920bfce6cb6843d478230eb7051319eb102ad75d9eebd8c80b68bfe0d19f695e104232d58619377093ffe89f716342953f22deb5eecf957d67f2895667f7a7fe830fdd99c4b1d7264d10d2192c1f4709d583d49dc8edd03f1d08deb9876aafae8f857f1623ea1d3811f76e55b0976d19184683e17619c11f3ef5455f361ae4ac53d19843a6967cfa02b120c4b725cc715bd83d07edbcc84fd0830189aae9c26c9b1d1d86359606fa3b619f376985ff0f756ba4205101bb8ed8faefd63593572caac01540af70ec882ffbb3506db9873cd66659b64dd6353509f2f3ed32a00197de88fc75c5b3190d3b5e4708658c65a9e9d2e339ed50485c0b4e04635059d467f5994fc88b29d6b5d2a5dfd42f38e4be513296326505df3cef79cbc761747d591b99237f5446ba54ba9faf2c0c4140087fd776317614fa5b5ec6366462ac69304ba67ce8bcf57787079cb98b467af0f4977b9ca73f1419c2f18023cf41e5f7814b1467f712f0f9c4b781e3ab7eceb30b8b055cfe9ac6f811d8aa6587669f093c1a3b355e64f17b712bccaaafb0382152dea857c16f93d3afd8c11600942d7cb2f807e735b2cf5d420216d850c9a730ba635af5c1be82f0a972fc605b492290a9b5eba6cbbbb0570cb71b7aaa624076b3edd7beb6cdacb5eeef9bf7986dd96a717da0556cfa0644dbf7017e335e599667331db307b493c48ec4a50546f07ffa6cf32f978e6c1488937faed4f6f41eabcdf4690643ad33afe379d56d6b6a731ea7b74a4a1e4fa11c254e42277d6b091c7f78956f4a318da285f9ec3c7cf46c13733b86d55edf1b58a9c3197601b0fbc9db11783714ef62a58af394b7fa7c753c83009361680f83e892e6003829e35bd107ab227106e2ebb9052c7662b54be72dc44ebedae318d1378b10c04ad6eaa835485ef8f0232efa6ee363b42311a65737a561bc411b7247ba21c0abdb431fdb375236cda5af23830e7b4be0d060ba7955c040e37018acdbba01a0e05111f3b63ba9f039cd1de57ccf9601fc7bb1c547ecca84851a654c4aa6b8a00f60afbe394ac54abaa74328c356155ff88b291d20c6328550a4e89dba8efff063dc6eccf08e70d89850e99028a2618d6f850a8a4b4a568e0aa9b6b49abbdede2d26db24f2aff50e110097f584d72517422f5a1e6da0fb07740b34fd4b9adee441f4a2095915fd451ec0c2ae287863f8c77cc75b8562be746141c23ec518772fd369e63261338eb597c5c76eefbfd70bb1c7999e60b4eda1cfa2c54c9d3f73a4dba36ef68befac9cc4ef51f7122d95524725ac8254d981efdbe1ac19a581767f1d40698c974bcf20fe63812f8c09aca2e47a1c29165c82669ec5b7a01d47c6fd2f8c4e2e6e84e1c59de20bdfa4ed93ac0568b8b1fcf255e42597310e60eefb63abac2be9e699cb72db468af920fa7f79b60ff4dd3aec43cd31f05a138505582b374854d04dda298c7a12636a8d6401fb50bf25915d9a435b7e630c9ae8345a7d0819e74a01fe382d4dc077626988ab7ad5c693b58e642c95647dfb9e3960ce2695758db3b5d5d318bb7bc0c8c2da5f83e988e52104c5082dddad2dd737bcf712ccbe71e5065357287ba4eef6eda8914d9d3ed3595009ebd8ffb515698a140e19322f33a2bae02c82101ad453ef23395fe05797da0aff2b337123cf6c50bbf0afc948d5a84c2febf926efd00fbe30750b3717bddfc81a4c6282677304171ef0acda0d5d77fa1e08a5d7a5a8a35922743c5fe4d8365c32d2a0a080fadd1630fd54f6dc5360e645514ed449c52c7d4351b086bd5282218cfb88b4f6b9d1b441ba2a55fa2fd0148c231172e013dd22015139fb9703cd260e1b0dfc93be3e258f05e14d62b2dbcc068b7c289c49886a7e3557f9b9df2e37cb83bd48b30cc2092128bada8584cdff54aee73da7a5bef44ebfc6b1be92ad79e75a24bda3197b57c2cac3605854d6af749ea07dc63d557a99496798d649bc305ce161d1315889b1cc87bf737863c5094617fcd997aa9a40af2b50488d4ea143b5e8a18e45181feece077a548261f0ef08454af333d1f8e5b4b3b82b90a35b0b0ba34c3be92d9627365f48741e491e1257d0e32849d562c4ef29a17473abbe2be7bfd8479df145e2cdc650dfcedb642509ce978ff1780c0aab824479a25ea73a67342c3081636badf3c36ff1f049eacef0acfaeb352646db60e39ea47123452d96f3c1d62a803125e8fe81c54ac6715208d4b8ef0872632bb83b0a4a0513aece22eab0145aaaa97765e1e10324a3c6c8033e5f04d2ac2cbc889bdfcacf62bfba4321dfd797ba2bc44c7af60f068ee088a374d537200da6df58be1b8285e9b271f3cf1d0489602589d41751817f214abb688a2f224894c2115d465d85072df12936dc7c79d435e4fa0fd6c1c5d640037617cea31c4f0ddafa4d51f0023aa365b6f83523f7210a09b4dcc780769c76aaae62331ef12ae01a3eb983fc8647789a27fe2fd0983eb35f76d2085cd0a816669e586ad0f21bf1e1681c2ca7a876a8e564513c3fba5f5ec9c8fb5b4c8d4f4aabd626615b1c0190219b22fffb87aecf12041a532f615f393d65cb0dbdac02e81d63353ccb677ecdda5399245e669e8022a425a87439e9e58894290c32e79d66f9f41f71befad98628edc816689f55a7c452c48bf355bea3606e77b2f0d9f9a0764cdd5493bfeb74dc2c1685768e12d4b5eea3b07169f55f3236e53a0c7d3460b6b8fc70f8b94d12cba3bf2b100b60ae58153e26d2e22f0b9de43a1721e20ad52d45d71d19241f922933bad688805883baebd13b8c4636ca649dc410b148571053d95599b2ea347684a3fd445f57bf59a60790c4045049b391e7c678f775e90d81e13ffb096743d8f30fa22351e91e49591c87f9f9160a3bdfaf6f96812a096798eea99b30738c57437d7cb386dc31aa56b67a739c454997b858fb6b7319d1cce269d5fd7c7937c1fd2d8f6d823158c01405230d836959c3b0a71aea032c4102a62c73bd3866b1f6f034176e86d44644a161284ca1405d45341bb1380758e83f75b5ffbf77287c047ec152165762fc3fcd0d3f9f2abd401c9ac42b974bc0548427bdc25c9f79db598beb72f0841190e32fd8a3ac845264f7893085a12e35ae26775c549d2aa58f5cc7267f19e2f144c98f7067b7f5b0de4a5776adb1e58f0f380c5e5fa772ad54ddaabd5bdf933732098246a8729d3c4a59ff59ba4fc5df7809140e91bfe74de40cc5ee2d23fefea2db37b7bdbb75dd9d28d302e564e9282a22c070ea2a164824e4352d016099bbce6e1e9023cd92517d960b2045fc292352db59b8e99964c72564d672dbf8f2bb926bf4e199a596ba2c9638d035eb3e2a48bf5f6d6ff4009f5a3a2bccd4c1927ad42766f768b37897c57abfeb8f63fbd61ff11bc7c28468a2d17ee0571aadbfb528fa4490092e21d662ba694acf10c3594b1aa303490b06a88b1b7034e989fdea4077284c653795895f64edb4f8a4d721788ad84e4962a75ed98ce45246ed4084dc73783be747f3e848f0ca3fd870f2db91ba166dc5fa76e125bb776dfc233ff763c427af0ed010680c87138ff7675dc798e8c27eb6a02ceb4e15fdbf84cb5a258dd11f523564a2165982f0ff064f0508d3cf210fd5d6df9470c65b8ed86ee441abe40e91ac77714c138981fa3db3a8f0cc21", 0x1000)

03:51:37 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_bt_cmtp_CMTPCONNDEL(r1, 0x400443c9, &(0x7f0000000240)={@any, 0x8})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$DRM_IOCTL_GET_CTX(r3, 0xc0086423, &(0x7f0000000280)={0x0, 0x2})
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff})
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f00000002c0))
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f0000000100)={0xb, @output={0x1000, 0x1, {0x1, 0x5}, 0x3, 0x10000}})
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$GIO_CMAP(r4, 0x4b70, &(0x7f00000000c0))
ioctl$FS_IOC_FSGETXATTR(r2, 0x801c581f, &(0x7f0000000300)={0x200, 0x3, 0x20, 0xffffffff, 0x10000})

03:51:37 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
r3 = accept4(r1, &(0x7f00000002c0)=@rc={0x1f, @fixed}, &(0x7f00000000c0)=0x80, 0x80000)
ftruncate(r3, 0x1000)
lseek(r2, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r4, 0x0, 0x8400fffffffa)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r4, 0x80045530, &(0x7f0000000240)=""/95)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:51:37 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x0, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[ 1036.633096] FAT-fs (loop4): Unrecognized mount option "	" or missing value
[ 1036.650878] Bluetooth: Unknown HCI packet type 5e
[ 1036.651017] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1036.657666] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1036.670241] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1036.672228] Bluetooth: Unknown HCI packet type 5e
[ 1036.676280] Bluetooth: Unknown HCI packet type 5e
[ 1036.684552] Bluetooth: Unknown HCI packet type 43
[ 1036.691018] Bluetooth: Unknown HCI packet type 5e
[ 1036.696394] Bluetooth: Unknown HCI packet type 43
[ 1036.710853] audit: type=1804 audit(1586317897.230:107): pid=16196 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/116/bus" dev="sda1" ino=16161 res=1
[ 1036.731431] Bluetooth: Unknown HCI packet type 5e
[ 1036.744161] Bluetooth: Unknown HCI packet type 43
[ 1036.761102] Bluetooth: Unknown HCI packet type 50
[ 1036.766672] Bluetooth: hci0 command 0x1003 tx timeout
[ 1036.772190] Bluetooth: hci0 sending frame failed (-49)
[ 1036.775311] Bluetooth: Unknown HCI packet type 5e
[ 1036.787557] Bluetooth: Unknown HCI packet type 50
[ 1036.801661] Bluetooth: Unknown HCI packet type 50
[ 1036.810356] Bluetooth: Unknown HCI packet type 5e
[ 1036.813313] FAT-fs (loop4): Unrecognized mount option "	" or missing value
[ 1036.829244] Bluetooth: Unknown HCI packet type 5e
[ 1036.832913] Bluetooth: Unknown HCI packet type 5e
[ 1036.842414] Bluetooth: Unknown HCI packet type 40
[ 1036.842822] audit: type=1804 audit(1586317897.290:108): pid=16186 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/188/bus" dev="sda1" ino=16163 res=1
[ 1036.848772] Bluetooth: Unknown HCI packet type 40
[ 1036.878506] hfs: can't find a HFS filesystem on dev loop2
03:51:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$SIOCX25GFACILITIES(r0, 0x89e2, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1036.884755] Bluetooth: Unknown HCI packet type 40
[ 1036.953564] FAT-fs (loop4): bogus number of reserved sectors
[ 1036.959739] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1037.002236] FAT-fs (loop4): bogus number of reserved sectors
[ 1037.009055] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1038.683644] Bluetooth: hci3 command 0x1003 tx timeout
[ 1038.688994] Bluetooth: hci3 sending frame failed (-49)
[ 1038.693800] Bluetooth: hci2 command 0x1003 tx timeout
[ 1038.695659] Bluetooth: hci1 command 0x1003 tx timeout
[ 1038.704837] Bluetooth: hci2 sending frame failed (-49)
[ 1038.710221] Bluetooth: hci1 sending frame failed (-49)
[ 1038.843671] Bluetooth: hci0 command 0x1001 tx timeout
[ 1038.849074] Bluetooth: hci0 sending frame failed (-49)
[ 1040.763447] Bluetooth: hci2 command 0x1001 tx timeout
[ 1040.763619] Bluetooth: hci1 command 0x1001 tx timeout
[ 1040.768726] Bluetooth: hci3 command 0x1001 tx timeout
[ 1040.773969] Bluetooth: hci2 sending frame failed (-49)
[ 1040.783519] Bluetooth: hci3 sending frame failed (-49)
[ 1040.789082] Bluetooth: hci1 sending frame failed (-49)
[ 1040.923471] Bluetooth: hci0 command 0x1009 tx timeout
[ 1042.843345] Bluetooth: hci3 command 0x1009 tx timeout
[ 1042.843449] Bluetooth: hci1 command 0x1009 tx timeout
[ 1042.853987] Bluetooth: hci2 command 0x1009 tx timeout
03:51:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:45 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0xa, 0x2, 0x11)
sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in6={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [0xe803, 0x0, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x10]}}, 0x80, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0xc0185879, &(0x7f0000000080))
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000002c0)={0x5, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5, 0x1088, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x500, 0x1f, 0x0, 0x0, 0x7ff, 0x0, 0x9}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x0)
r2 = gettid()
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000540)={0x0, 0x70, 0x2, 0xf8, 0x7, 0x6, 0x0, 0xffffffff, 0x88008, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x5, 0x448708bc4aa24710, @perf_bp={&(0x7f0000000240), 0x4}, 0x2025, 0x1, 0x400, 0x6, 0x2, 0x0, 0x3}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$kcm(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f0000000340)="f9ce44bc713904119247e07734414af1578d2594f8d5a943ff681de407c1dbffb1b7ef7644b2102f78259581297d7b8f20bd25ba190a84a601d09096db64beb251326f8903e0f7849c640c3bb16d569aa41b242c8da4adfbe619b4121969be8a8e1b91ea34300e9a2a9b2754df2c5f3aecc711ddc6e25151fa24fd31e2b55b06729329fd18dd260e74db52f3c5169acc307460338afbb4ef9c", 0x0, 0x4}, 0x20)
recvmsg$kcm(0xffffffffffffffff, 0x0, 0x2100)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x0, 0x0, 0x4, 0x8}, 0x3c)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x400c00)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)

03:51:45 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
readahead(r0, 0x15a, 0x7)
ioctl$EVIOCGPROP(r4, 0x80404509, &(0x7f00000006c0)=""/4096)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f646674732c6e6f63617301000080f19dca3bc2370e56c9e24ce1a9caa07278b9266325a20395e03d9f3bdf68458694ae80480c5af8"])

[ 1044.914307] audit: type=1804 audit(1586317905.441:109): pid=16236 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/258/bus" dev="sda1" ino=16074 res=1
03:51:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)

03:51:45 executing program 0:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000003c0)=ANY=[@ANYBLOB="b702000038000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700000000000000950000000000000023b5922c90d1db26e58a72e306a78bbaf158fce7df486c60f7ae965121eddcd904d19ef8883600dd6f214a4a764f17b5782c91e774adb13dc26f1574e61a26f888f1b611df1ea7b30cefa3f1a73de19f05f269854a97872b9252143902c62d88ed267cad5b392f6642985e4c552a8779df18199199368d740abe7a35374e38028b74630cf569c06170fb2fa1cc165452e8b4e5e6e192cafe79bd784e060093c5375e022e6a3dcaf2b9ad656ce2e39aed7500e918a611b19adcadd3b34e5e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffff8b}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r0, 0x18000000000002a0, 0x16, 0x34000, &(0x7f0000000500)="b9ff03f0000d698cb89e14f088a8000f88caffff8100638877fbac141421e9", 0x0, 0x100}, 0x28)
r1 = socket$kcm(0x11, 0x200000000000002, 0x300)
r2 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r1, 0x107, 0x12, &(0x7f00000000c0)=r2, 0x4)

[ 1045.017312] FAT-fs (loop4): Unrecognized mount option "nodfts" or missing value
[ 1045.042308] Bluetooth: Unknown HCI packet type 5e
[ 1045.048526] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1045.062873] Bluetooth: Unknown HCI packet type 43
[ 1045.074368] Bluetooth: Unknown HCI packet type 5e
[ 1045.079267] Bluetooth: Unknown HCI packet type 50
[ 1045.093058] Bluetooth: Unknown HCI packet type 5e
03:51:45 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x16, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$kcm(0x2b, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$cgroup_int(r0, &(0x7f0000000200), 0x806000)

03:51:46 executing program 0:

03:51:46 executing program 0:

[ 1045.702953] audit: type=1804 audit(1586317906.221:110): pid=16244 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/258/bus" dev="sda1" ino=16074 res=1
[ 1045.794715] FAT-fs (loop4): Unrecognized mount option "nodfts" or missing value
[ 1045.916809] audit: type=1804 audit(1586317906.441:111): pid=16270 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/258/bus" dev="sda1" ino=16074 res=1
03:51:47 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)

03:51:47 executing program 0:

03:51:47 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
open(&(0x7f0000000080)='./file0\x00', 0x145100, 0x3)

03:51:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:51:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f00000000c0)=0xe)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:51:47 executing program 0:
r0 = socket(0x1000000010, 0x80002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x2a9, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="000000000000000028001200090001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="005042488c23492881ad93efde8b98bd459e7e3a44"], 0x48}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000002400ffffff7f000000003c0005000000", @ANYRES32=r3, @ANYBLOB="00000000ffffffff000000000900010068667363000000000800020000000000"], 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB='D\x00\x00\x00,\x00\'\r\x00'/20, @ANYRES32=r3, @ANYBLOB="f3ffecff00000000030000000a000100726f7574650000001400e5b4a96ed6aa0200080002007000", @ANYRES32=0x0, @ANYBLOB="667da870ed60fe2ba96bbe4eaffffce04d9772d354b790b6d15bab5ba84ffc1ad99fd532558e341323620323b07bf93fb49a988213a0bde86d9516e80fbd990ed39da54a6fbccd6e98"], 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000200), 0x10efe10675dec16, 0x0)

[ 1046.887918] Bluetooth: Unknown HCI packet type 5e
[ 1046.888247] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1046.894248] Bluetooth: Unknown HCI packet type 43
[ 1046.904985] Bluetooth: Unknown HCI packet type 5e
[ 1046.911179] Bluetooth: Unknown HCI packet type 43
[ 1046.918407] Bluetooth: Unknown HCI packet type 5e
[ 1046.923924] Bluetooth: Unknown HCI packet type 43
[ 1046.928872] FAT-fs (loop4): bogus number of reserved sectors
[ 1046.942223] Bluetooth: Unknown HCI packet type 5e
[ 1046.948871] Bluetooth: Unknown HCI packet type 5e
[ 1046.949951] Bluetooth: Unknown HCI packet type 5e
[ 1046.963146] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1046.969451] hfs: can't find a HFS filesystem on dev loop2
[ 1046.976283] Bluetooth: Unknown HCI packet type 50
[ 1046.976419] Bluetooth: Unknown HCI packet type 0e
03:51:47 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_DELOBJ={0x1c, 0x14, 0xa, 0x5, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}]}], {0x14}}, 0x44}}, 0x0)

[ 1046.990294] Bluetooth: Unknown HCI packet type 5e
[ 1046.992730] Bluetooth: Unknown HCI packet type 50
[ 1047.008040] Bluetooth: Unknown HCI packet type 40
[ 1047.010235] Bluetooth: Unknown HCI packet type 50
[ 1047.019683] Bluetooth: Unknown HCI packet type 5e
[ 1047.027680] Bluetooth: Unknown HCI packet type 5e
[ 1047.036248] Bluetooth: Unknown HCI packet type 40
[ 1047.041473] Bluetooth: Unknown HCI packet type 40
[ 1047.055170] FAT-fs (loop4): bogus number of reserved sectors
[ 1047.061240] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1047.082749] Bluetooth: hci0 command 0x1003 tx timeout
[ 1047.088866] Bluetooth: hci0 sending frame failed (-49)
[ 1048.922454] Bluetooth: hci2 command 0x1003 tx timeout
[ 1048.927726] Bluetooth: hci3 command 0x1003 tx timeout
[ 1048.927784] Bluetooth: hci2 sending frame failed (-49)
[ 1048.935879] Bluetooth: hci3 sending frame failed (-49)
[ 1048.943887] Bluetooth: hci1 command 0x1003 tx timeout
[ 1048.949163] Bluetooth: hci1 sending frame failed (-49)
[ 1049.162399] Bluetooth: hci0 command 0x1001 tx timeout
[ 1049.167785] Bluetooth: hci0 sending frame failed (-49)
[ 1051.002274] Bluetooth: hci2 command 0x1001 tx timeout
[ 1051.002295] Bluetooth: hci1 command 0x1001 tx timeout
[ 1051.007606] Bluetooth: hci2 sending frame failed (-49)
[ 1051.018836] Bluetooth: hci3 command 0x1001 tx timeout
[ 1051.018866] Bluetooth: hci1 sending frame failed (-49)
[ 1051.026091] Bluetooth: hci3 sending frame failed (-49)
[ 1051.242257] Bluetooth: hci0 command 0x1009 tx timeout
[ 1053.082053] Bluetooth: hci3 command 0x1009 tx timeout
[ 1053.082057] Bluetooth: hci1 command 0x1009 tx timeout
[ 1053.082081] Bluetooth: hci2 command 0x1009 tx timeout
03:51:55 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))

03:51:55 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x0, 0x20}, 0xc)
sendto$inet6(r0, &(0x7f00000000c0)='X', 0x1, 0x0, &(0x7f0000000200)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendto(r0, &(0x7f0000000500)="c8", 0x19ffe, 0x0, 0x0, 0x0)

03:51:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x226, 0x200c00)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:51:55 executing program 0:

[ 1055.142061] FAT-fs (loop4): bogus number of reserved sectors
[ 1055.149268] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1055.167046] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1055.174635] Bluetooth: Unknown HCI packet type 5e
[ 1055.180191] Bluetooth: Unknown HCI packet type 43
03:51:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
write$UHID_GET_REPORT_REPLY(r1, &(0x7f0000000140)={0xa, {0x8, 0x5, 0x5}}, 0xa)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots\x00\x00ocase'])
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x6aa, 0x0, 0x12, 0x16, 0x4, "a0670392303af34d50c343ec786c3583d3fddb8f7e0ebe4e22f53fb437aa61efac625bafac59299aaa133792614587c19f75111f60a1716f7d5c254ab98e0724", "0b711632092ea18420b9456ea03cd1bb8cb1e4c88e4998af17e582c8d74b8f2bf4ede2faab94fbb16b7e206a39502c88853424fbb77839146a14771437f27b12", "c9ad8f7b36521df6820400000000000000e62a4bff00ffffffff699cb79ef59c", [0x1000, 0x7fffffff]})

[ 1055.215927] Bluetooth: Unknown HCI packet type 5e
[ 1055.233352] Bluetooth: Unknown HCI packet type 50
[ 1055.254779] Bluetooth: Unknown HCI packet type 5e
[ 1055.264037] Bluetooth: Unknown HCI packet type 40
[ 1055.273722] FAT-fs (loop4): bogus number of reserved sectors
[ 1055.280160] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1055.347140] FAT-fs (loop4): bogus number of reserved sectors
[ 1055.354800] FAT-fs (loop4): Can't find a valid FAT filesystem
03:51:57 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f00000000c0))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100)='/dev/zero\x00', 0x319641, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r2, 0xc0044d15, &(0x7f0000000140)=0x19)
sendto$netrom(r0, &(0x7f0000000180)="54890a71c11403b718a2", 0xa, 0x0, 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:51:57 executing program 0:

03:51:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x6)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYRES32, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x5}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x44}}, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000080)=@xdp={0x2c, 0xb, r9, 0x2d}, 0x80)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:51:57 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:51:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f00000000c0), &(0x7f0000000140)=0xc)

03:51:57 executing program 0:

[ 1057.077058] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1057.101843] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1057.102653] Bluetooth: Unknown HCI packet type 5e
[ 1057.116429] hfs: can't find a HFS filesystem on dev loop2
[ 1057.122109] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1057.130290] Bluetooth: Unknown HCI packet type 5e
[ 1057.130292] Bluetooth: Unknown HCI packet type 5e
[ 1057.130300] Bluetooth: Unknown HCI packet type 43
[ 1057.136248] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1057.145170] Bluetooth: Unknown HCI packet type 43
[ 1057.156667] Bluetooth: Unknown HCI packet type 43
03:51:57 executing program 0:

[ 1057.173953] Bluetooth: Unknown HCI packet type 5e
[ 1057.179031] Bluetooth: Unknown HCI packet type 5e
[ 1057.184846] Bluetooth: Unknown HCI packet type 50
[ 1057.204108] Bluetooth: Unknown HCI packet type 5e
[ 1057.204334] Bluetooth: Unknown HCI packet type 50
[ 1057.217646] Bluetooth: Unknown HCI packet type 5e
[ 1057.220659] Bluetooth: Unknown HCI packet type 5e
[ 1057.228072] Bluetooth: Unknown HCI packet type 40
[ 1057.237285] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1057.239734] Bluetooth: Unknown HCI packet type 50
[ 1057.251437] Bluetooth: hci0 command 0x1003 tx timeout
[ 1057.256108] Bluetooth: Unknown HCI packet type 40
[ 1057.257529] Bluetooth: hci0 sending frame failed (-49)
[ 1057.279389] Bluetooth: Unknown HCI packet type 5e
[ 1057.289395] Bluetooth: Unknown HCI packet type 40
[ 1059.161263] Bluetooth: hci3 command 0x1003 tx timeout
[ 1059.161313] Bluetooth: hci2 command 0x1003 tx timeout
[ 1059.167876] Bluetooth: hci3 sending frame failed (-49)
[ 1059.177791] Bluetooth: hci1 command 0x1003 tx timeout
[ 1059.177849] Bluetooth: hci2 sending frame failed (-49)
[ 1059.184246] Bluetooth: hci1 sending frame failed (-49)
[ 1059.321230] Bluetooth: hci0 command 0x1001 tx timeout
[ 1059.326571] Bluetooth: hci0 sending frame failed (-49)
[ 1061.241114] Bluetooth: hci2 command 0x1001 tx timeout
[ 1061.241118] Bluetooth: hci1 command 0x1001 tx timeout
[ 1061.241193] Bluetooth: hci1 sending frame failed (-49)
[ 1061.246759] Bluetooth: hci2 sending frame failed (-49)
[ 1061.263547] Bluetooth: hci3 command 0x1001 tx timeout
[ 1061.269371] Bluetooth: hci3 sending frame failed (-49)
[ 1061.401055] Bluetooth: hci0 command 0x1009 tx timeout
[ 1063.320899] Bluetooth: hci2 command 0x1009 tx timeout
[ 1063.320903] Bluetooth: hci3 command 0x1009 tx timeout
[ 1063.320927] Bluetooth: hci1 command 0x1009 tx timeout
03:52:05 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))

03:52:05 executing program 0:

03:52:05 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:52:05 executing program 0:

03:52:06 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1065.406861] FAT-fs (loop4): bogus number of reserved sectors
[ 1065.418850] Bluetooth: Unknown HCI packet type 5e
[ 1065.419014] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1065.425682] Bluetooth: Unknown HCI packet type 43
[ 1065.446576] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1065.480994] Bluetooth: Unknown HCI packet type 5e
[ 1065.513727] Bluetooth: Unknown HCI packet type 50
[ 1065.522905] Bluetooth: Unknown HCI packet type 5e
[ 1065.535578] Bluetooth: Unknown HCI packet type 40
[ 1065.585904] FAT-fs (loop4): bogus number of reserved sectors
[ 1065.597397] FAT-fs (loop4): Can't find a valid FAT filesystem
03:52:07 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:07 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
execveat(r1, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=[&(0x7f0000000040)='msdos\x00'], &(0x7f0000000280)=[&(0x7f00000000c0)='msdos\x00', &(0x7f0000000140)='\x9fvmnet0vmnet1trustedeth0$nodev\x00', &(0x7f00000001c0)='trusted#\x00', &(0x7f0000000200)='\'\\*\x00', &(0x7f0000000240)='msdos\x00'], 0x1000)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:52:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)

03:52:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x0, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:52:07 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:07 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = dup(r0)
pipe(&(0x7f0000000200))
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000140)='cgroup.type\x00', 0x2, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x40000, 0x0)
r3 = getpid()
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x20, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r4)
sched_setattr(r3, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x4, 0x0, 0x10000}, 0x0)
sched_getparam(r3, &(0x7f0000000180))
ioctl$TCSETXF(r2, 0x5434, &(0x7f0000000100)={0x7, 0x59, [0x2, 0x3, 0x7fff, 0x40, 0x7ee7], 0x5})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1067.346311] Bluetooth: Unknown HCI packet type 5e
[ 1067.351868] Bluetooth: Unknown HCI packet type 43
[ 1067.358112] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1067.369486] FAT-fs (loop4): bogus number of reserved sectors
[ 1067.386856] Bluetooth: Unknown HCI packet type 5e
03:52:07 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1067.389487] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1067.398377] Bluetooth: Unknown HCI packet type 5e
[ 1067.399659] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1067.410443] Bluetooth: Unknown HCI packet type 43
[ 1067.413829] Bluetooth: Unknown HCI packet type 50
[ 1067.425482] Bluetooth: Unknown HCI packet type 5e
[ 1067.441153] Bluetooth: Unknown HCI packet type 5e
[ 1067.448932] Bluetooth: Unknown HCI packet type 5e
[ 1067.455780] Bluetooth: Unknown HCI packet type 43
[ 1067.456404] Bluetooth: Unknown HCI packet type 50
[ 1067.473186] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1067.477992] hfs: can't find a HFS filesystem on dev loop2
[ 1067.485524] Bluetooth: Unknown HCI packet type 40
[ 1067.487685] Bluetooth: hci0 command 0x1003 tx timeout
[ 1067.495690] Bluetooth: Unknown HCI packet type 5e
[ 1067.507580] Bluetooth: Unknown HCI packet type 5e
[ 1067.512443] Bluetooth: Unknown HCI packet type 50
[ 1067.513940] Bluetooth: hci0 sending frame failed (-49)
[ 1067.528274] Bluetooth: Unknown HCI packet type 40
[ 1067.537731] Bluetooth: Unknown HCI packet type 5e
[ 1067.558299] FAT-fs (loop4): bogus number of reserved sectors
[ 1067.562869] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1067.571161] Bluetooth: Unknown HCI packet type 40
[ 1067.581501] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1069.400085] Bluetooth: hci2 command 0x1003 tx timeout
[ 1069.405440] Bluetooth: hci2 sending frame failed (-49)
[ 1069.411114] Bluetooth: hci1 command 0x1003 tx timeout
[ 1069.416404] Bluetooth: hci1 sending frame failed (-49)
[ 1069.490076] Bluetooth: hci3 command 0x1003 tx timeout
[ 1069.495437] Bluetooth: hci3 sending frame failed (-49)
[ 1069.570054] Bluetooth: hci0 command 0x1001 tx timeout
[ 1069.575498] Bluetooth: hci0 sending frame failed (-49)
[ 1071.479958] Bluetooth: hci1 command 0x1001 tx timeout
[ 1071.479976] Bluetooth: hci2 command 0x1001 tx timeout
[ 1071.485272] Bluetooth: hci1 sending frame failed (-49)
[ 1071.497292] Bluetooth: hci2 sending frame failed (-49)
[ 1071.559971] Bluetooth: hci3 command 0x1001 tx timeout
[ 1071.565296] Bluetooth: hci3 sending frame failed (-49)
[ 1071.639928] Bluetooth: hci0 command 0x1009 tx timeout
[ 1073.559755] Bluetooth: hci2 command 0x1009 tx timeout
[ 1073.565049] Bluetooth: hci1 command 0x1009 tx timeout
[ 1073.639663] Bluetooth: hci3 command 0x1009 tx timeout
03:52:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))

03:52:16 executing program 0:
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$VIDIOC_TRY_EXT_CTRLS(r3, 0xc0205649, &(0x7f0000000080)={0x9c0000, 0x9, 0x1, <r4=>0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9c0901, 0x8000, [], @p_u16=&(0x7f0000000000)=0x6}})
mmap$perf(&(0x7f0000dfe000/0x200000)=nil, 0x200000, 0x0, 0x100010, r4, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1075.614867] audit: type=1804 audit(1586317936.134:112): pid=16538 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/265/bus" dev="sda1" ino=16094 res=1
[ 1075.626503] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1075.650090] Bluetooth: Unknown HCI packet type 5e
[ 1075.655227] Bluetooth: Unknown HCI packet type 43
03:52:16 executing program 0:
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1075.679625] Bluetooth: Unknown HCI packet type 5e
[ 1075.703320] Bluetooth: Unknown HCI packet type 50
[ 1075.723411] FAT-fs (loop4): bogus number of reserved sectors
[ 1075.725741] Bluetooth: Unknown HCI packet type 5e
[ 1075.745306] Bluetooth: Unknown HCI packet type 40
03:52:16 executing program 0:
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1075.747544] FAT-fs (loop4): Can't find a valid FAT filesystem
03:52:16 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:16 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1076.409392] audit: type=1804 audit(1586317936.924:113): pid=16546 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/265/bus" dev="sda1" ino=16094 res=1
[ 1076.498937] FAT-fs (loop4): bogus number of reserved sectors
[ 1076.510753] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1076.605343] audit: type=1804 audit(1586317937.124:114): pid=16566 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/265/bus" dev="sda1" ino=16094 res=1
03:52:18 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r2}}]})

03:52:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x80000000, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodot\\,nocase'])
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
connect$l2tp(r2, &(0x7f0000000040)={0x2, 0x0, @local, 0x2}, 0x10)

03:52:18 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:18 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x6af4c3, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
accept4(r4, 0x0, &(0x7f0000000280), 0x80800)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x100, 0x0)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)

03:52:18 executing program 0:
openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1077.566460] FAT-fs (loop4): Unrecognized mount option "nodot\" or missing value
[ 1077.601595] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1077.607602] Bluetooth: Unknown HCI packet type 5e
[ 1077.612911] Bluetooth: Unknown HCI packet type 43
[ 1077.625103] Bluetooth: Unknown HCI packet type 5e
[ 1077.643635] hfs: can't find a HFS filesystem on dev loop2
[ 1077.650544] Bluetooth: Unknown HCI packet type 50
[ 1077.671139] Bluetooth: Unknown HCI packet type 5e
[ 1077.696248] Bluetooth: Unknown HCI packet type 40
[ 1077.719348] Bluetooth: hci0 command 0x1003 tx timeout
[ 1077.733971] Bluetooth: hci0 sending frame failed (-49)
[ 1079.649055] Bluetooth: hci1 command 0x1003 tx timeout
[ 1079.654437] Bluetooth: hci1 sending frame failed (-49)
[ 1079.798946] Bluetooth: hci0 command 0x1001 tx timeout
[ 1079.804338] Bluetooth: hci0 sending frame failed (-49)
[ 1081.728793] Bluetooth: hci1 command 0x1001 tx timeout
[ 1081.734142] Bluetooth: hci1 sending frame failed (-49)
[ 1081.878707] Bluetooth: hci0 command 0x1009 tx timeout
[ 1083.798599] Bluetooth: hci1 command 0x1009 tx timeout
03:52:26 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), 0x0)

03:52:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
finit_module(r0, &(0x7f00000000c0)='[#\xd2\x00', 0x1)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000140)=0x4, 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:52:26 executing program 0:
openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:52:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000140)={'filter\x00', 0xc3, "29f98f2f4180bdc0f160f33f8d7e9ecdf244e74bc9fcf15ab7b97cd6d0891be0196c9c9bc9a80571d6981f017bfba65b54b0ec4748f1d71610fc8f37285501568b8f59e20ce8f7b2e50e149194524bbb91773c959ff36216e1202a625049c81f359534e2f0129aba75ea81f448abd0c7c377a7d4554c004608b108b4a7a33af46b01aafa00d85ef56a378bf232dd6930b94adce280dfbae57df97f1a87d504859d18fe7777d5dda9c8e4b7fad914ecaec10891165c9d7758d9f4407aceb946de604c84"}, &(0x7f0000000040)=0xe7)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:52:26 executing program 0:
openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1085.855806] audit: type=1804 audit(1586317946.375:115): pid=16627 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/120/bus" dev="sda1" ino=15937 res=1
[ 1085.874606] Bluetooth: Unknown HCI packet type 5e
[ 1085.900905] FAT-fs (loop4): bogus number of reserved sectors
[ 1085.910798] Bluetooth: Unknown HCI packet type 5e
[ 1085.910815] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1085.916212] Bluetooth: Unknown HCI packet type 43
[ 1085.928611] Bluetooth: Unknown HCI packet type 43
[ 1085.929655] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1085.949000] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1085.956355] Bluetooth: Unknown HCI packet type 5e
[ 1085.959786] Bluetooth: Unknown HCI packet type 5e
[ 1085.966265] Bluetooth: Unknown HCI packet type 50
[ 1085.980670] Bluetooth: Unknown HCI packet type 50
[ 1085.991275] Bluetooth: Unknown HCI packet type 5e
03:52:26 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x0, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1086.005355] Bluetooth: Unknown HCI packet type 5e
[ 1086.025296] Bluetooth: Unknown HCI packet type 40
[ 1086.025604] Bluetooth: Unknown HCI packet type 40
03:52:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r2}}]})

03:52:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="77a76e00feffff732c6e6f63617345cb51d708b3bc0c126407ff99b318e59dd1e6b76a33713ac601708c34345610977b4213a74911c61f104ad0ecec824a8fe9d5c67b704035f7d814dbc467062ff245bff6e05a26d9b3d61c9c7ecc28c33897e56c9646266de5211006453a0ceb16d439d48004ee57ac1e6861d33f5e78894a391f985776cdbd5354aaddebfc9288b2f5c5866ead5ed36d1f139086d46c3e068feb647580a828cdb4cb54fe75543d507b783ae570b7a26e4697ac0056d5d15e69c17922d6c3fd795f7f299ae46578dc2d52e1db"])

03:52:28 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x0, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

03:52:28 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x0, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f12")

[ 1087.772028] FAT-fs (loop4): Unrecognized mount option "w§n" or missing value
03:52:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='nodots,nocase', @ANYRESOCT])

[ 1087.819735] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1087.829702] Bluetooth: Unknown HCI packet type 5e
[ 1087.839533] Bluetooth: Unknown HCI packet type 43
[ 1087.856974] Bluetooth: Unknown HCI packet type 5e
[ 1087.878084] Bluetooth: hci0 command 0x1003 tx timeout
[ 1087.883865] Bluetooth: hci0 sending frame failed (-49)
[ 1087.892308] hfs: can't find a HFS filesystem on dev loop2
[ 1087.910983] Bluetooth: Unknown HCI packet type 50
[ 1087.918260] FAT-fs (loop4): Unrecognized mount option "nocase01777777777777777777777" or missing value
[ 1087.933716] Bluetooth: Unknown HCI packet type 5e
[ 1087.952969] Bluetooth: Unknown HCI packet type 40
[ 1087.968740] Bluetooth: hci2 command 0x1003 tx timeout
[ 1087.974326] Bluetooth: hci2 sending frame failed (-49)
[ 1088.038303] Bluetooth: hci3 command 0x1003 tx timeout
[ 1088.043626] Bluetooth: hci3 sending frame failed (-49)
[ 1089.877994] Bluetooth: hci1 command 0x1003 tx timeout
[ 1089.883334] Bluetooth: hci1 sending frame failed (-49)
[ 1089.957841] Bluetooth: hci0 command 0x1001 tx timeout
[ 1089.963191] Bluetooth: hci0 sending frame failed (-49)
[ 1090.047856] Bluetooth: hci2 command 0x1001 tx timeout
[ 1090.053206] Bluetooth: hci2 sending frame failed (-49)
[ 1090.117838] Bluetooth: hci3 command 0x1001 tx timeout
[ 1090.123287] Bluetooth: hci3 sending frame failed (-49)
[ 1091.967710] Bluetooth: hci1 command 0x1001 tx timeout
[ 1091.973033] Bluetooth: hci1 sending frame failed (-49)
[ 1092.047686] Bluetooth: hci0 command 0x1009 tx timeout
[ 1092.117714] Bluetooth: hci2 command 0x1009 tx timeout
[ 1092.197619] Bluetooth: hci3 command 0x1009 tx timeout
[ 1094.037368] Bluetooth: hci1 command 0x1009 tx timeout
03:52:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='notots,nocase'])
r2 = socket$inet(0x2, 0x4000000805, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = dup3(r2, r3, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r4, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000080)=0x7, 0x4)
sendto$inet(r3, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000000c0)={0x2, [0x0, <r6=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x6c, &(0x7f000059aff8)={r6}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r6, 0x63}, 0x0)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={r6, 0x1}, 0x8)
r7 = socket$bt_cmtp(0x1f, 0x3, 0x5)
ioctl$sock_TIOCOUTQ(r7, 0x5411, &(0x7f0000000300))

03:52:36 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, 0x0)

03:52:36 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x92400, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0xfffffffffffffffc)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000100)=0x4034)
ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)={0xd380, 0xd2, 0xcd4, 0x8000, 0x4, "bf01f171657c67bd546bbc47f8076d8cfb1486"})

03:52:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$GIO_FONT(r1, 0x4b60, &(0x7f0000000240)=""/4096)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f0000001240)={0x1, 0x0, {0x4, 0x75, 0x1004, 0x1, 0x9, 0x7, 0x1}})
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:52:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), 0x0)

03:52:36 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, 0x0)

[ 1096.145249] FAT-fs (loop4): Unrecognized mount option "notots" or missing value
[ 1096.174003] Bluetooth: Unknown HCI packet type 5e
[ 1096.179134] Bluetooth: Unknown HCI packet type 43
[ 1096.185230] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1096.197487] Bluetooth: Unknown HCI packet type 5e
03:52:36 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, 0x0)

[ 1096.226636] Bluetooth: Unknown HCI packet type 50
[ 1096.241212] Bluetooth: Unknown HCI packet type 5e
[ 1096.244815] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1096.254259] Bluetooth: Unknown HCI packet type 5e
[ 1096.257586] FAT-fs (loop4): Unrecognized mount option "notots" or missing value
[ 1096.265072] Bluetooth: Unknown HCI packet type 43
[ 1096.276276] Bluetooth: Unknown HCI packet type 40
[ 1096.295387] Bluetooth: Unknown HCI packet type 5e
[ 1096.317886] Bluetooth: Unknown HCI packet type 50
[ 1096.340062] Bluetooth: Unknown HCI packet type 5e
[ 1096.354240] Bluetooth: Unknown HCI packet type 40
03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r2}}]})

03:52:38 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040))

03:52:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x3, 0x3}, 0x6)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=r0])
r2 = dup(r0)
ioctl$SIOCX25SCUDMATCHLEN(r2, 0x89e7, &(0x7f0000000080)={0x62})

03:52:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x6c200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))

03:52:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000000c0)=""/154)

[ 1097.997664] FAT-fs (loop4): Unrecognized mount option "" or missing value
[ 1098.036495] Bluetooth: Unknown HCI packet type 5e
[ 1098.036511] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
03:52:38 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040))

[ 1098.041642] Bluetooth: Unknown HCI packet type 43
[ 1098.061488] FAT-fs (loop4): Unrecognized mount option "" or missing value
[ 1098.070659] Bluetooth: Unknown HCI packet type 5e
[ 1098.087245] Bluetooth: Unknown HCI packet type 50
03:52:38 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040))

[ 1098.112995] Bluetooth: Unknown HCI packet type 5e
[ 1098.123918] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1098.123942] Bluetooth: Unknown HCI packet type 5e
[ 1098.144589] hfs: can't find a HFS filesystem on dev loop2
[ 1098.150303] Bluetooth: Unknown HCI packet type 40
[ 1098.155583] Bluetooth: Unknown HCI packet type 43
03:52:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/timers\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_SYNC(r6, 0x4)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r7, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000040)={&(0x7f00000006c0)={0x380, r7, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x2}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x1f, 0x4}}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x6f}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x97, 0x7}}, @NL80211_ATTR_IE={0x344, 0x2a, "693db71bdd4e5f29c42602609054edb974302fff6410c35da784c9f6db3dc88fa42c44b2bfdf3a9383e5f222f2bddad10fe5b1fa72c98e8dbb94839515265b02f9d31152ffbc5fe64c3b2967cf098cd65ea9e1998581ec54de80695a3cf859ff709b70bac6667a86184907c74b6d213a2ec908c268ddb585d06799432cb5d1868d7e1911877b7af0a44fe9763de9ed94e9da4fb933d7430865685728ff92b4d6b31a64f9a8306b26e3e4da9fbaa391976442583aae1a4ce8db744cbd2c44793aade0d2b54deb3025e5efbdbbb52fdf6124820b3ebc67c84ab31da83ce56a4fa2e0f0bbcc5fef95054e3950f0ac3cb703c5c14e97ef518b429b16e941149c1f5c7b6258c879ace8c3cc98c8a977cad1ecae2bf0dbc8cc64f9f23432701fe0c85e1456d73ca828c12d1d4ced93748b35e1c0cfe7ee8335e48f6accd56147e05d84d019f3799b4c439d7d387bbe61bdc48b34e0dd95a213a0a492dd0e5a081517e5c1caa6ca6fb81b891d0d15cee702d54d939a6bafae1a5b8ed13513519650533ee5e74c5dcd369b87dc87b33acfb849237533b75899b4bc0fe26e8e2a5ed80871769352f923b65f2b883f4f76ae5b55bac7d3101f61fb19f8b156569dd8eec7d6455074b2759a32a7f78ce2adbe063de75ffcbbbf50d92d785841ba82c116c03a215649e15f0a0be67f0f3b019a907e0563534d803f482584debd510f1248a54f7c749270d34c91f6ecdf1f42245b76da93df7f145f568567ff223750bfd260b10f9a975daf48a2b2f528876daa2030fff420d1a88bc6d2cc3b258d25fc6ebef7ccb5adcd37157c26942fed6134dbab7df7e383eb664db92906fde80fffa27d2ec8ebfbbbe3013d65cb953e9faef5cf8c16f0c90adb3316c20ee603f00baf92797ad74c2a8fe8aedf73c457060e7122622497e2be275cc3561b601dc8612abb43f68686b714f99b094a0cd65e33ebae661a582dd77b0f0b3eabf2998c6e085bc555378dd686dc813141b81da10bfa29f6a04e13dd8f2a20020f91cf0e638f8ccb66790e433acbc9d2c842b7f76cafaaaa1470107cb8a313714ed6383a934e66321fc84df6b1ab6e0869b95c0cb3a3e00991d5ae408b20356d6a399d4c869d9524ba6595cc00907b6a56bcdeed7f9e3485331ad854c5789356d09e646dd8f9c211"}]}, 0x380}, 0x1, 0x0, 0x0, 0x20040810}, 0x20020080)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1098.184999] Bluetooth: Unknown HCI packet type 5e
[ 1098.196487] Bluetooth: Unknown HCI packet type 50
[ 1098.207109] Bluetooth: hci0 command 0x1003 tx timeout
[ 1098.212524] Bluetooth: hci0 sending frame failed (-49)
[ 1098.231239] Bluetooth: Unknown HCI packet type 5e
[ 1098.231891] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1098.256970] Bluetooth: Unknown HCI packet type 40
[ 1098.277464] Bluetooth: hci2 command 0x1003 tx timeout
[ 1098.282877] Bluetooth: hci2 sending frame failed (-49)
[ 1098.291544] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1098.342475] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1098.367411] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1100.036713] Bluetooth: hci1 command 0x1003 tx timeout
[ 1100.042105] Bluetooth: hci1 sending frame failed (-49)
[ 1100.196751] Bluetooth: hci3 command 0x1003 tx timeout
[ 1100.202081] Bluetooth: hci3 sending frame failed (-49)
[ 1100.276721] Bluetooth: hci0 command 0x1001 tx timeout
[ 1100.282103] Bluetooth: hci0 sending frame failed (-49)
[ 1100.356701] Bluetooth: hci2 command 0x1001 tx timeout
[ 1100.362038] Bluetooth: hci2 sending frame failed (-49)
[ 1102.116533] Bluetooth: hci1 command 0x1001 tx timeout
[ 1102.121866] Bluetooth: hci1 sending frame failed (-49)
[ 1102.276708] Bluetooth: hci3 command 0x1001 tx timeout
[ 1102.282013] Bluetooth: hci3 sending frame failed (-49)
[ 1102.356549] Bluetooth: hci0 command 0x1009 tx timeout
[ 1102.436575] Bluetooth: hci2 command 0x1009 tx timeout
[ 1104.196371] Bluetooth: hci1 command 0x1009 tx timeout
[ 1104.356376] Bluetooth: hci3 command 0x1009 tx timeout
03:52:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac9431cf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a490550900000081d4841e2c90bd8fa2bf3802bf963edaae019f61af1e0bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2316952fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d04a91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa3975aaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b00000000000000aad5d5798b7dd99a19441a150ef361723783070189dac77f557c2c944587e50695b0105d39cb83b10cac03904146d0d827cc2c2161d9f3eae32a3f52db0f03ffed969f3ca74de01c707058cb0336f2e3a2b056ef60f556ab947939096609232f990aab7d1a33bae6e7231fc9266e34e640290d657d27d273bf913aad0c9e77da3bfe04dbef284c3926d7ad2837fd35200b7d9e037ce3643084a011f14ea091ca5b4c1a9a199b848ba572ba9295a8da469a33edc3d470b27982b3bfa5047201309b02f16837ac8a9120ecf54e9c688c3b0b3839fe692adf446bc738c6e49bf383a241"], 0x48}}, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f00000000c0)={{0x3, 0x0, @identifier="216f26ea19f42ee4e7dd23fa086272b2"}})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyS3\x00', 0x145880, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x541c, &(0x7f00000002c0))
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r5 = socket(0x10, 0x803, 0x0)
sendto$isdn(r5, &(0x7f0000000240)={0x0, 0x6, "d27025d367e28d9b5a7c5709b10feb85be16e1a35e254756d34d474c0d08c9ca3331d6c6f431cfb5a8e449040e08a1ff6a683a861c1bc29a43f9c52aea9d760f0202e60ad3d4a7"}, 0x4f, 0x24000814, 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:52:46 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="01000000000000000004000007")

03:52:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x44}}, 0x0)
fadvise64(r1, 0x100, 0x7ff, 0x0)
r5 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$ax25(r6, &(0x7f0000000080)={{0x3, @null}, [@bcast, @null, @netrom, @null, @netrom, @rose]}, &(0x7f0000000240)=0x48)

03:52:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), 0x0)

[ 1106.328958] autofs4:pid:16807:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1106.343875] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1106.380318] Bluetooth: Unknown HCI packet type 5e
[ 1106.380900] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1106.385403] Bluetooth: Unknown HCI packet type 43
[ 1106.431229] Bluetooth: Unknown HCI packet type 5e
[ 1106.438187] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1106.451413] Bluetooth: Unknown HCI packet type 50
[ 1106.457667] Bluetooth: Unknown HCI packet type 5e
[ 1106.462737] Bluetooth: Unknown HCI packet type 43
[ 1106.468643] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1106.468820] Bluetooth: Unknown HCI packet type 5e
[ 1106.479936] Bluetooth: Unknown HCI packet type 5e
[ 1106.485665] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pig=16822 comm=syz-executor.3
[ 1106.500471] Bluetooth: Unknown HCI packet type 50
[ 1106.507420] Bluetooth: Unknown HCI packet type 40
[ 1106.512487] Bluetooth: Unknown HCI packet type 5e
[ 1106.520112] Bluetooth: Unknown HCI packet type 40
[ 1106.521052] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1106.576178] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1106.612558] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:52:48 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="01000000000000000004000007")

03:52:48 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = dup2(r2, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f0000000240)=[{&(0x7f00000000c0)="800000003804000019000300e60100006c000000000000000300000002000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x0, 0x0)
r4 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:52:48 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f00000000c0)={'veth1_virt_wifi\x00', 0x1})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1108.252290] Bluetooth: Unknown HCI packet type 5e
[ 1108.259703] Bluetooth: Unknown HCI packet type 43
[ 1108.265249] autofs4:pid:16857:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1108.276608] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1108.283236] Bluetooth: Unknown HCI packet type 5e
[ 1108.291563] EXT4-fs (loop4): bad block size 8192
[ 1108.292370] Bluetooth: Unknown HCI packet type 50
[ 1108.307040] hfs: can't find a HFS filesystem on dev loop2
[ 1108.312591] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1108.313648] Bluetooth: Unknown HCI packet type 5e
[ 1108.324249] Bluetooth: Unknown HCI packet type 5e
[ 1108.329444] Bluetooth: Unknown HCI packet type 40
[ 1108.331443] Bluetooth: Unknown HCI packet type 43
[ 1108.343293] Bluetooth: Unknown HCI packet type 5e
03:52:48 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="01000000000000000004000007")

[ 1108.353888] Bluetooth: Unknown HCI packet type 50
[ 1108.364104] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1108.367520] Bluetooth: Unknown HCI packet type 5e
[ 1108.388263] Bluetooth: Unknown HCI packet type 40
03:52:48 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700")

[ 1108.407695] autofs4:pid:16880:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1108.422038] FAT-fs (loop4): bogus number of reserved sectors
[ 1108.430297] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1108.437239] Bluetooth: hci0 command 0x1003 tx timeout
[ 1108.443115] Bluetooth: hci0 sending frame failed (-49)
03:52:49 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700")

[ 1108.469570] autofs4:pid:16888:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
03:52:49 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700")

[ 1108.517498] Bluetooth: hci2 command 0x1003 tx timeout
[ 1108.522839] Bluetooth: hci2 sending frame failed (-49)
[ 1108.535190] EXT4-fs (loop4): bad block size 8192
[ 1108.553105] autofs4:pid:16897:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1108.617358] autofs4:pid:16903:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1110.275621] Bluetooth: hci1 command 0x1003 tx timeout
[ 1110.281803] Bluetooth: hci1 sending frame failed (-49)
[ 1110.355689] Bluetooth: hci3 command 0x1003 tx timeout
[ 1110.361030] Bluetooth: hci3 sending frame failed (-49)
[ 1110.515682] Bluetooth: hci0 command 0x1001 tx timeout
[ 1110.521029] Bluetooth: hci0 sending frame failed (-49)
[ 1110.595846] Bluetooth: hci2 command 0x1001 tx timeout
[ 1110.601211] Bluetooth: hci2 sending frame failed (-49)
[ 1112.355453] Bluetooth: hci1 command 0x1001 tx timeout
[ 1112.360776] Bluetooth: hci1 sending frame failed (-49)
[ 1112.435447] Bluetooth: hci3 command 0x1001 tx timeout
[ 1112.442551] Bluetooth: hci3 sending frame failed (-49)
[ 1112.595431] Bluetooth: hci0 command 0x1009 tx timeout
[ 1112.685444] Bluetooth: hci2 command 0x1009 tx timeout
[ 1114.435286] Bluetooth: hci1 command 0x1009 tx timeout
[ 1114.515276] Bluetooth: hci3 command 0x1009 tx timeout
03:52:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x440000, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:52:57 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001")

03:52:57 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f00000001c0)={0x131})

03:52:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
openat$mice(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x280040)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_inet_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f00000000c0))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1116.578353] autofs4:pid:16917:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1116.606688] FAT-fs (loop4): bogus number of reserved sectors
[ 1116.608658] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1116.621250] Bluetooth: Unknown HCI packet type 5e
[ 1116.631201] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1116.631671] Bluetooth: Unknown HCI packet type 43
[ 1116.657554] Bluetooth: Unknown HCI packet type 5e
[ 1116.675219] Bluetooth: Unknown HCI packet type 50
[ 1116.696808] Bluetooth: Unknown HCI packet type 5e
[ 1116.701987] Bluetooth: Unknown HCI packet type 40
[ 1116.713340] FAT-fs (loop4): bogus number of reserved sectors
[ 1116.721312] FAT-fs (loop4): Can't find a valid FAT filesystem
03:52:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:52:59 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001")

03:52:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0xff, 0x22)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x4000000000001a8, 0x0)

03:52:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
sync_file_range(0xffffffffffffffff, 0x9, 0x9, 0x0)

03:52:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x60840, 0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r2=>0x0, <r3=>0x0})
clock_settime(0x2, &(0x7f0000000180)={r2, r3+10000000})
syz_open_pts(r1, 0x466001)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
fcntl$dupfd(r4, 0x406, r1)
r5 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r5, 0x1000)
lseek(r5, 0x0, 0x2)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xffffffffffffffb6)
setsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, &(0x7f00000001c0)=0x2, 0x1)
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000100))
sendfile(r5, r6, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x40000f)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
syz_open_dev$ttys(0xc, 0x2, 0x0)

[ 1118.492400] autofs4:pid:16955:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1118.519306] FAT-fs (loop4): bogus number of reserved sectors
03:52:59 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001")

[ 1118.532236] audit: type=1804 audit(1586317979.059:116): pid=16959 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/125/bus" dev="sda1" ino=16129 res=1
[ 1118.564938] Bluetooth: Unknown HCI packet type 5e
[ 1118.570598] Bluetooth: Unknown HCI packet type 43
[ 1118.573328] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1118.575683] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1118.610397] hfs: can't find a HFS filesystem on dev loop2
[ 1118.642756] Bluetooth: Unknown HCI packet type 5e
03:52:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000380)={@in={0x2, 0x4e22, @empty}, {&(0x7f0000000240)=""/129, 0x81}, &(0x7f00000000c0), 0x1}, 0xa0)
setsockopt$inet_buf(r1, 0x0, 0x2b, &(0x7f0000000000)="50426a52b30195272e704513b2c32610ef838132ff1b28b6e33468c11abf01cef21669f3ff804579a6c3daec4e5a026f06d8410af714a64d3d5091d008128355773e7feb7e15066e4a79814f9020f43b2a763ffaea96fb9bbaa4ebee02409195f5cd5ee158e95f444626af0a703489ab0a17ea1512e50828c15bb9b4552b7b002c75a4883059b567113933ce", 0x8c)
r3 = dup(r0)
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000140), &(0x7f0000000300)=0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1118.653330] autofs4:pid:16976:validate_dev_ioctl: invalid path supplied for cmd(0x00009374)
[ 1118.662842] Bluetooth: Unknown HCI packet type 50
[ 1118.674978] Bluetooth: hci0 command 0x1003 tx timeout
[ 1118.695473] Bluetooth: Unknown HCI packet type 5e
[ 1118.696184] Bluetooth: hci0 sending frame failed (-49)
[ 1118.732760] Bluetooth: Unknown HCI packet type 40
03:52:59 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f")

03:52:59 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f")

[ 1118.759385] FAT-fs (loop4): bogus number of reserved sectors
[ 1118.769886] FAT-fs (loop4): Can't find a valid FAT filesystem
03:52:59 executing program 0:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl(r0, 0x8000000000009374, &(0x7f0000000040)="010000000000000000040000075a940000000700008001832f")

[ 1118.841921] FAT-fs (loop4): bogus number of reserved sectors
[ 1118.864177] FAT-fs (loop4): Can't find a valid FAT filesystem
03:52:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="090ebab24041f9c2c878f789718854807a70e250302459cac43b75653662751772d84bdf5bbb357153b86eb52d48badb73cd1f046010f968fedca4d69c8ed19cc9ec9858b538b225c1a9741fdeb767dfaa", 0x51}, {&(0x7f0000000080)="9589216442cde10490f1fe5e0c23841196966e1ca919d02ff96b34ac59059bf0e22c6b8a", 0x24}, {&(0x7f00000001c0)="3394ba7d2020d32572f73495b233c213af5f517c437c2a5e94cbcd1b45abca439401b04663a38b08b511e600677ffc81a752c6512cf7c4d5393854035034b744e9388f3a0d13f45524493f06002e43bef2ab79cfe088bf7363de5985cb52179d32d4ce051a01710289aab88e2bbe1c78b5ab2712597b11c21310a0a60d906f7af0e8fedac733b1fb4a21d4bf3bb545a8ebb5d2f2e61d384d9cfdf699d2a55b5a112b9546f35187cff4f6f65f2044853e22fa6ee9", 0xb4}], 0x3, 0x8)

[ 1119.023204] FAT-fs (loop4): bogus number of reserved sectors
[ 1119.035399] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1119.334981] audit: type=1804 audit(1586317979.859:117): pid=16968 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/125/bus" dev="sda1" ino=16129 res=1
[ 1119.389074] audit: type=1804 audit(1586317979.919:118): pid=17009 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/125/bus" dev="sda1" ino=16129 res=1
[ 1120.594562] Bluetooth: hci1 command 0x1003 tx timeout
[ 1120.599901] Bluetooth: hci1 sending frame failed (-49)
[ 1120.754585] Bluetooth: hci0 command 0x1001 tx timeout
[ 1120.759921] Bluetooth: hci0 sending frame failed (-49)
[ 1122.684392] Bluetooth: hci1 command 0x1001 tx timeout
[ 1122.689796] Bluetooth: hci1 sending frame failed (-49)
[ 1122.834413] Bluetooth: hci0 command 0x1009 tx timeout
[ 1124.754250] Bluetooth: hci1 command 0x1009 tx timeout
03:53:07 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000000)={{0x1, 0x0, @reserved="460e0d26ab623f8e89a261eed7b8f75da9d40ce23b6a42c4fb44d18304126708"}})
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x8, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f6430e46f4d596f74732c4778144b73654cb27dce62c4d56e0a5fb51d9c1d649294f78f9068ff2df7732a5153dd3d372c74faa9bb37272b23b8f3db3ced24c4e3a6c431326c7ab4004a5a00"])

[ 1126.783217] FAT-fs (loop4): Unrecognized mount option "nod0äoMYots" or missing value
[ 1126.850855] FAT-fs (loop4): Unrecognized mount option "nod0äoMYots" or missing value
03:53:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:09 executing program 0:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ptype\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x19, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x33d, 0x4000)

03:53:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0x2, 0x0, 0x0, @mcast2}, {0x2, 0x0, 0x0, @dev}, r2}}, 0x48)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f00000000c0)=0x7)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:53:09 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_ZERO(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x14, r6, 0x1}, 0x14}}, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x44, r6, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4422db2d}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x57ef}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff7}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:53:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f646f749d1a80466f821bfdb66b11ca793d3cd24171ee9ebbc7cf2defb075ef1ab9d5b153060214a972773f2af64eca86279276d178b52e0e6b44281fd6ad292b37e3e24ded2e467d2d2be7f607dd06c2d43f43219e3edbbbb13009370f89584b8028af9a89ac55cc79052c24178c5efc88e9806ca6a7e2f57eff08d5"])

[ 1128.741370] Bluetooth: Unknown HCI packet type 5e
[ 1128.741621] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1128.749192] Bluetooth: Unknown HCI packet type 43
[ 1128.762110] FAT-fs (loop4): Unrecognized mount option "nodot�€Fo‚ý¶kÊy=<ÒAqîž»ÇÏ-ï°uï¹Õ±S©rw?*öNʆ'’vÑxµ.kD(Ö­)+7ãâMí.F}-+çöÝÂÔ?C!ž>Û»±0	7‰XK€(¯š‰¬UÌy" or missing value
[ 1128.799745] Bluetooth: Unknown HCI packet type 5e
[ 1128.806176] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1128.811922] Bluetooth: Unknown HCI packet type 5e
[ 1128.821406] Bluetooth: Unknown HCI packet type 43
[ 1128.827479] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1128.839210] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1128.842308] Bluetooth: Unknown HCI packet type 5e
03:53:09 executing program 0:
recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ptype\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_BATCH(0x19, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x33d, 0x4000)

[ 1128.846318] Bluetooth: Unknown HCI packet type 5e
[ 1128.858985] Bluetooth: Unknown HCI packet type 50
[ 1128.875946] Bluetooth: Unknown HCI packet type 50
[ 1128.888430] Bluetooth: Unknown HCI packet type 43
[ 1128.889028] Bluetooth: Unknown HCI packet type 5e
[ 1128.905297] Bluetooth: Unknown HCI packet type 5e
[ 1128.912818] hfs: can't find a HFS filesystem on dev loop2
[ 1128.920592] Bluetooth: Unknown HCI packet type 40
[ 1128.926399] Bluetooth: Unknown HCI packet type 5e
[ 1128.930801] Bluetooth: Unknown HCI packet type 40
03:53:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
recvfrom$netrom(r2, &(0x7f0000000000)=""/20, 0x14, 0x12001, &(0x7f0000000040)={{0x3, @null, 0x5}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast]}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1128.972874] Bluetooth: Unknown HCI packet type 50
[ 1129.015036] Bluetooth: Unknown HCI packet type 5e
03:53:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000000c0)=""/154)

[ 1129.036429] Bluetooth: Unknown HCI packet type 40
[ 1129.069303] Bluetooth: Unknown HCI packet type 5e
[ 1129.078027] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1129.090677] FAT-fs (loop4): bogus number of reserved sectors
[ 1129.094435] Bluetooth: Unknown HCI packet type 43
[ 1129.099690] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1129.108479] Bluetooth: Unknown HCI packet type 5e
03:53:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000040)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff7000/0x3000)=nil, &(0x7f0000000000)="88e0f0acba1bf5057880507601f7166ecf036fd90a", 0x15}, 0x68)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1129.127045] Bluetooth: Unknown HCI packet type 50
[ 1129.135578] Bluetooth: Unknown HCI packet type 5e
[ 1129.149925] Bluetooth: Unknown HCI packet type 40
03:53:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1129.258145] FAT-fs (loop4): bogus number of reserved sectors
[ 1129.272024] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1129.357724] FAT-fs (loop4): bogus number of reserved sectors
[ 1129.368925] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

[ 1130.753543] Bluetooth: hci0 command 0x1003 tx timeout
[ 1130.758900] Bluetooth: hci0 sending frame failed (-49)
[ 1130.833494] Bluetooth: hci1 command 0x1003 tx timeout
[ 1130.838848] Bluetooth: hci1 sending frame failed (-49)
[ 1130.913586] Bluetooth: hci2 command 0x1003 tx timeout
[ 1130.919009] Bluetooth: hci2 sending frame failed (-49)
[ 1131.073490] Bluetooth: hci3 command 0x1003 tx timeout
[ 1131.078819] Bluetooth: hci3 sending frame failed (-49)
[ 1132.833363] Bluetooth: hci0 command 0x1001 tx timeout
[ 1132.838729] Bluetooth: hci0 sending frame failed (-49)
[ 1132.913368] Bluetooth: hci1 command 0x1001 tx timeout
[ 1132.918704] Bluetooth: hci1 sending frame failed (-49)
[ 1132.993383] Bluetooth: hci2 command 0x1001 tx timeout
[ 1132.998897] Bluetooth: hci2 sending frame failed (-49)
[ 1133.160147] Bluetooth: hci3 command 0x1001 tx timeout
[ 1133.165576] Bluetooth: hci3 sending frame failed (-49)
[ 1134.913193] Bluetooth: hci0 command 0x1009 tx timeout
[ 1135.003118] Bluetooth: hci1 command 0x1009 tx timeout
[ 1135.083174] Bluetooth: hci2 command 0x1009 tx timeout
[ 1135.233111] Bluetooth: hci3 command 0x1009 tx timeout
03:53:19 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

03:53:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
fremovexattr(r2, &(0x7f0000000000)=@random={'osx.', 'msdos\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f00000002c0)={{0xa, 0x4e22, 0x3f, @dev={0xfe, 0x80, [], 0xe}, 0x7fffffff}, {0xa, 0x4e23, 0xd, @empty, 0x4}, 0x4, [0x2, 0x7, 0xffffffff, 0x0, 0x6, 0xffffff7f, 0x6, 0x3]}, 0x5c)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="0699c012b04d91e60fcac60000000000000010000510000000000000000057b800aedf52943b28fffb0f49c64a8458447bd49ba5592ac0e7a9740f90c3ad02baa4a556825fed75babc82a9e85f421d52f99acf9af56afcd793c587c3473f9cb96a89a784e13a", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280050008000000000008000500", @ANYRES32=r6, @ANYBLOB="2e2465e7d32d258bb49a1e369c869bc18e8d4adc4c665762b27a9183425b9d7adb320a5ea44b7a5e68f12e0060175310cc9c35d1e6118155613ee072cff170f1fd4bab39b84760338ebfe307fed2b0ae7b6aaaa73e30778dd48af2708cf67cca5a6da28c3931b900c63f0dcb8c32bbdc579247237779ec53b921b4510b23a2d1029ff47d4805ac35d28f833ed95d6e37d2620ab91692e6206c6f5eca580ac2d6bdbec747d169"], 0x44}}, 0x0)
r7 = socket(0xb, 0x80003, 0xf5a)
sendmsg$FOU_CMD_GET(r7, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f00000004c0)={0x48, 0x0, 0x2, 0x70bd2d, 0x25dfdbff, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @remote}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @multicast2}, @FOU_ATTR_LOCAL_V4={0x8, 0x6, @broadcast}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_TYPE={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000c040}, 0x800)
fallocate(r3, 0x8, 0x97, 0x401)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:53:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
syz_mount_image$ntfs(&(0x7f00000001c0)='ntfs\x00', &(0x7f0000000240)='./file0\x00', 0x4, 0x3, &(0x7f0000000480)=[{&(0x7f0000000280)="1433538e8226c60fc2a8b722afa1305a1ee02f3db73f086123ff0fdd9f5b4c0132da7dac54413d2b38689a4fc28bb8f041e8d9b16c7a5812c869877c43ca6fb6b9db2a84b3702aac58984e00525ee7c3f810f560e8963b6cd0a1480a213cba8fa058f63eaea265754c2a08e08dd58afe8215527d51cc628a2237170c527c70f226b5b06084f39106db162a7bbff3e8c7be69a7c720dbe33216bdad85e656c39e28a1f6103f9547042bfa462385226dda676ae994a272d9407a8875fc", 0xbc, 0x7}, {&(0x7f0000000340)="b33ee031fbda206f7904566431b479d6c211a088ecbdeb84d97698e01a384e492c741aec1d008fc4f0dceba7fcc799d6bb7a962858150f2300a597111be9aa7253ff5796916358d36cf6406e919d76075b953c3027a1dce373be0da8a191552a277419fb5fa34f34e994bbaf6add3281f72a11c6", 0x74, 0x1000}, {&(0x7f00000003c0)="d29777e860a96e2e7d58e03775a2100fd14c9fe73180bf7136cc15b484091dcb0cc1d5a33185c86a681f6c1f4f01209045d391cea765dd4ec719cbd742e90b3c6a808ce38b7c101337c8c517d765864a01df03e23dcfa4f9290ec409cd0d6fe05376e3456c46b5bf631e93a13a419d10eae6d1f80c110da6b084c57ce3f916bfaba2e210aeb785afa48cfe255ed120db18bbec3c8717c3b94c69ff2dd2c68ff124b9da2d345c2b7a3771b9fa60e973fed39e489d", 0xb4, 0x5}], 0x4020, &(0x7f00000005c0)={[{@nls={'nls', 0x3d, 'cp866'}}, {@mft_zone_multiplier={'mft_zone_multiplier', 0x3d, 0x1}}, {@fmask={'fmask', 0x3d, 0xffffffff}}, {@errors_remount='errors=remount-ro'}, {@nls={'nls', 0x3d, 'koi8-ru'}}], [{@obj_role={'obj_role', 0x3d, '/dev/ptmx\x00'}}, {@uid_gt={'uid>', r1}}, {@dont_measure='dont_measure'}]})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x40044)
ioctl$SIOCPNADDRESOURCE(0xffffffffffffffff, 0x89e0, &(0x7f0000000140)=0x100)

03:53:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
fremovexattr(r2, &(0x7f0000000100)=@random={'user.', '\x83}wlan1mime_typeGPL}\x00'})

03:53:19 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

[ 1139.019294] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=19888 sclass=netlink_route_socket pig=17145 comm=syz-executor.4
[ 1139.048089] Bluetooth: Unknown HCI packet type 5e
[ 1139.053175] Bluetooth: Unknown HCI packet type 43
[ 1139.060373] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1139.077579] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1139.077611] Bluetooth: Unknown HCI packet type 5e
[ 1139.089712] Bluetooth: Unknown HCI packet type 5e
[ 1139.095352] Bluetooth: Unknown HCI packet type 43
[ 1139.096079] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1139.100216] Bluetooth: Unknown HCI packet type 5e
[ 1139.115148] Bluetooth: Unknown HCI packet type 43
[ 1139.116188] FAT-fs (loop4): bogus number of reserved sectors
[ 1139.120039] Bluetooth: Unknown HCI packet type 5e
[ 1139.120045] Bluetooth: Unknown HCI packet type 50
[ 1139.120049] Bluetooth: Unknown HCI packet type 5e
[ 1139.120054] Bluetooth: Unknown HCI packet type 40
[ 1139.146498] Bluetooth: Unknown HCI packet type 5e
[ 1139.156678] Bluetooth: Unknown HCI packet type 50
[ 1139.160962] hfs: can't find a HFS filesystem on dev loop2
[ 1139.167811] Bluetooth: Unknown HCI packet type 5e
[ 1139.167825] Bluetooth: Unknown HCI packet type 50
[ 1139.180112] Bluetooth: Unknown HCI packet type 5e
[ 1139.189453] Bluetooth: Unknown HCI packet type 40
[ 1139.193857] Bluetooth: Unknown HCI packet type 40
[ 1139.198210] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:19 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1139.262261] FAT-fs (loop4): bogus number of reserved sectors
[ 1139.269110] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:53:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f64009496572da920b0133f735f0017a067f3732c6e6f6361730180000000000000000001b8327cf9f996e0181f31a4270b102cb6ba62d95aa2ebd0499905fd64003bf26e5bae800e2247779a101402712cfd6f0849450e28fe9cc9241e4f32d62c8d4fcf3939eb8768ab3a2a535a87de86afe340408be9a56b1f285c3adaa7286921c9b5033bc9c661613aae3d71e928178459442c15a5a4797dbc26d7"])
socket$l2tp6(0xa, 0x2, 0x73)

03:53:20 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:20 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1139.622049] audit: type=1804 audit(1586318000.151:119): pid=17209 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/316/bus" dev="sda1" ino=16172 res=1
[ 1139.651712] FAT-fs (loop4): Unrecognized mount option "nod" or missing value
03:53:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
write$P9_RWRITE(r2, &(0x7f0000000000)={0xb, 0x77, 0x1}, 0xb)
r3 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:53:20 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1139.803776] Bluetooth: Unknown HCI packet type 5e
[ 1139.811524] audit: type=1804 audit(1586318000.341:120): pid=17230 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/285/bus" dev="sda1" ino=16161 res=1
[ 1139.838555] Bluetooth: Unknown HCI packet type 43
[ 1139.899715] FAT-fs (loop4): bogus number of reserved sectors
[ 1139.919510] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:20 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1140.602598] audit: type=1804 audit(1586318001.121:121): pid=17236 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/285/bus" dev="sda1" ino=16161 res=1
[ 1140.725988] audit: type=1804 audit(1586318001.261:122): pid=17259 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/285/bus" dev="sda1" ino=16161 res=1
[ 1141.072455] Bluetooth: hci0 command 0x1003 tx timeout
[ 1141.077779] Bluetooth: hci0 sending frame failed (-49)
[ 1141.152464] Bluetooth: hci1 command 0x1003 tx timeout
[ 1141.152491] Bluetooth: hci2 command 0x1003 tx timeout
[ 1141.157771] Bluetooth: hci1 sending frame failed (-49)
[ 1141.170072] Bluetooth: hci2 sending frame failed (-49)
[ 1141.872421] Bluetooth: hci3 command 0x1003 tx timeout
[ 1141.880905] Bluetooth: hci3 sending frame failed (-49)
[ 1143.152321] Bluetooth: hci0 command 0x1001 tx timeout
[ 1143.157690] Bluetooth: hci0 sending frame failed (-49)
[ 1143.232318] Bluetooth: hci2 command 0x1001 tx timeout
[ 1143.232321] Bluetooth: hci1 command 0x1001 tx timeout
[ 1143.232419] Bluetooth: hci1 sending frame failed (-49)
[ 1143.248844] Bluetooth: hci2 sending frame failed (-49)
[ 1143.952363] Bluetooth: hci3 command 0x1001 tx timeout
[ 1143.957713] Bluetooth: hci3 sending frame failed (-49)
[ 1145.232183] Bluetooth: hci0 command 0x1009 tx timeout
[ 1145.322149] Bluetooth: hci2 command 0x1009 tx timeout
[ 1145.327430] Bluetooth: hci1 command 0x1009 tx timeout
[ 1146.032054] Bluetooth: hci3 command 0x1009 tx timeout
03:53:29 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:53:29 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="796f646f74732cdd5dd301096e"])

03:53:29 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000040), 0x4)
r3 = getpid()
sched_setattr(r3, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x4, 0x0, 0x10000}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
ioctl$DRM_IOCTL_GET_CLIENT(r2, 0xc0286405, &(0x7f00000000c0)={0x7fffffd, 0xa48, {r3}, {r5}, 0x4, 0xff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:53:29 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x181002, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="d57f000019bb620b8f1216"], 0x3}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x44}}, 0x0)
ioctl$FIGETBSZ(r3, 0x2, &(0x7f0000000400))
sendmsg$TIPC_NL_PEER_REMOVE(r1, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)={0x220, r2, 0x602, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x80000000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_MON={0x34, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x40}]}, @TIPC_NLA_MEDIA={0x7c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x73a38269}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}, @TIPC_NLA_NODE={0x10, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0x104, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5f1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x4, @remote, 0x100}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0xfffffffb, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8000}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0xe252, @dev={0xfe, 0x80, [], 0x38}}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x7f, @remote, 0x7fffffff}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x40}}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x81}]}]}, 0x220}, 0x1, 0x0, 0x0, 0x8800}, 0x80)

[ 1149.282286] Bluetooth: Unknown HCI packet type 5e
[ 1149.288241] Bluetooth: Unknown HCI packet type 43
[ 1149.289485] FAT-fs (loop4): Unrecognized mount option "yodots" or missing value
[ 1149.299356] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1149.319041] Bluetooth: Unknown HCI packet type 5e
[ 1149.320365] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1149.326080] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1149.337203] Bluetooth: Unknown HCI packet type 5e
[ 1149.337256] Bluetooth: Unknown HCI packet type 5e
[ 1149.342312] Bluetooth: Unknown HCI packet type 43
[ 1149.347214] Bluetooth: Unknown HCI packet type 43
[ 1149.352743] Bluetooth: Unknown HCI packet type 50
[ 1149.363956] Bluetooth: Unknown HCI packet type 5e
[ 1149.372322] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1149.382664] Bluetooth: Unknown HCI packet type 5e
[ 1149.384210] hfs: can't find a HFS filesystem on dev loop2
[ 1149.397256] Bluetooth: Unknown HCI packet type 5e
[ 1149.402284] Bluetooth: Unknown HCI packet type 50
[ 1149.410577] Bluetooth: Unknown HCI packet type 50
[ 1149.412661] Bluetooth: Unknown HCI packet type 40
[ 1149.424285] Bluetooth: Unknown HCI packet type 5e
[ 1149.435969] Bluetooth: Unknown HCI packet type 40
[ 1149.439098] Bluetooth: Unknown HCI packet type 5e
[ 1149.452688] Bluetooth: Unknown HCI packet type 40
03:53:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:53:30 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$KDSKBLED(r1, 0x4b65, 0x6)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'veth0_to_team\x00', {0x2, 0x4e20, @empty}})
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:53:31 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1150.579678] FAT-fs (loop4): bogus number of reserved sectors
[ 1150.590137] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:31 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:31 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="6f7f646f74732c6e10ad617365"])
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, &(0x7f0000000000)={{0x2, 0x1}, 0x0, 0x0, 0x7, {0x1, 0x2}, 0x7, 0x10000})

[ 1151.313458] Bluetooth: hci0 command 0x1003 tx timeout
[ 1151.319029] Bluetooth: hci0 sending frame failed (-49)
[ 1151.334409] FAT-fs (loop4): Unrecognized mount option "odots" or missing value
[ 1151.350315] audit: type=1804 audit(1586318011.882:123): pid=17362 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/317/bus" dev="sda1" ino=15825 res=1
[ 1151.391555] Bluetooth: hci1 command 0x1003 tx timeout
[ 1151.391699] Bluetooth: hci2 command 0x1003 tx timeout
[ 1151.410688] Bluetooth: hci1 sending frame failed (-49)
[ 1151.424517] Bluetooth: hci2 sending frame failed (-49)
[ 1151.497227] Bluetooth: Unknown HCI packet type 5e
[ 1152.115358] FAT-fs (loop4): Unrecognized mount option "odots" or missing value
[ 1153.391412] Bluetooth: hci0 command 0x1001 tx timeout
[ 1153.396747] Bluetooth: hci0 sending frame failed (-49)
[ 1153.481271] Bluetooth: hci2 command 0x1001 tx timeout
[ 1153.486591] Bluetooth: hci1 command 0x1001 tx timeout
[ 1153.486616] Bluetooth: hci2 sending frame failed (-49)
[ 1153.494324] Bluetooth: hci1 sending frame failed (-49)
[ 1153.551249] Bluetooth: hci3 command 0x1003 tx timeout
[ 1153.556651] Bluetooth: hci3 sending frame failed (-49)
[ 1155.471129] Bluetooth: hci0 command 0x1009 tx timeout
[ 1155.551133] Bluetooth: hci1 command 0x1009 tx timeout
[ 1155.551240] Bluetooth: hci2 command 0x1009 tx timeout
[ 1155.631175] Bluetooth: hci3 command 0x1001 tx timeout
[ 1155.636520] Bluetooth: hci3 sending frame failed (-49)
[ 1157.710940] Bluetooth: hci3 command 0x1009 tx timeout
03:53:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, 0x0)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:53:39 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000380)=[@in6={0xa, 0x4e21, 0xf7, @ipv4={[], [], @local}, 0x9}, @in6={0xa, 0x4e23, 0x4, @loopback}, @in6={0xa, 0x4e22, 0x10000, @mcast2}, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e21, 0x1, @ipv4={[], [], @rand_addr=0x2}, 0x7}], 0x80)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x44}}, 0x0)
dup2(r2, r6)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:53:39 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x48002, 0x0)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000640)={0x0, 0x1, 0x0, 0x10, 0x17, &(0x7f0000000240)="0fd7e16aa3e962c084d0d0a4513c1b273698222181e28b4d6aa60123491bec1aa2dd943c9fdf6475fa37b610fb20189425236b8628901943818b2a3ab038bc83d2c957742b57fa673582c78adfcd584e22561ccf297f418ea9131990f49a42a16711b8e205e3350d2a5d7db6f0689e021deec2089ab263b3342053405896ed0d76571f3a5b1cf97650dda2e924c0026c897969c61b9e8100b3d82c9cd0e7b7243cdbd6b4cfa19e8f41eb0fc8ca000336ec8d87571cdfd93c73c6e41d904f86579538c4f26d4b91bfde2136f3314c2cdccaadaa7669e6d062e28bb619a0b83e3e2709146d845c0d72205e50b78028962372a93962a405c5f4bc920c65738a918cf7b2485992e4e5896ba55fb33cfc0588ef86f30b89521c345738d0b5d760e12e6e4dc30b400095281e2832df1dd84d447389adfc56698af86db53be618d995f29e34e2722e80e414befa10e7a934f71c3f7bfb34e86a07e0c3c85d9b6a0873bd23e5c83d1ecd14aebc9081eaf83eeb1fe87b271a0df16169375634587d985af78fd7c1bb557b25a2ee173f345cd70729c65e111c6dc700845a64b2c27eae0b99c369df63dd9b5ad268d52352f9ba3db0d8fe781bd5098a2cdb06585f3af851ec32b6131fd7a10307ea81fa3b39135de71dac00017882676653948d6b2cc1cc5c11d089d30b5d0d4bbf633abd96f8bf69d1b8ce75041cec02228dadce23e0ac7962ae11e29335d50327c5c5ccf5313c5ac88c53691f3ae445b4b98acde24092d17e54becec41c95106b16adcb9a658337875c3696e406c4ae42b7220bc2c262988b276f9e1b38292231127d87035e9ba25325f606551e55a99d313968245edf06f321e59f1e4a2b8cb1946caed7862fa95646064920aa1b7e55bdb4ca05e5598dfc7cb7c7f971675ca0ed662f78952d7f1bfb5ee94b6fbea62e1852ef6c185ad9f31dd33d74682f350722ef918fd7fd2defdf3908e21f2a03e5826617ec3c5ca4c291e07dfe0b17b48a58bd49c7d9fa6fdbf5beadd13a5537273dc152d12620d43f3de75b1e72f8b743f57eb22b2e2d56d67a97a5718d5dc123eb000ba44e1cfb45a86d9e17a3ac2ded315677cf26169806e9062ec26c7248c90ce3551c7b89d1928c7ec0b5b0fac367eaacbc190e1c5c7e28cb28b5947e779b212f4e84d8a3ab419cc9bbf2f178e40c936ea23358e6d541c48a13a4e12ce5b43e78f01195eb93549c7f88eb3ba7c04efce4766529e7ce8de72d6ef13a7e82c4814a430eb9b49ef71a51474ab5d239a7879dd1a3532acd16aa790d31846ad512dcd47f080e87cbb3fd6e8c6930847da13efffb2464359a54ee51bba77b48f3fe64bd5a9903952012b81c57d6f7cee693676c5f56d75b441feaaced6f60754e0bbeb03ae121d08a469cb01428f7dc434f66711d2ad950e732515955221ef7531cf6b8fc6037c8f1"})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$TCSETA(r3, 0x5406, &(0x7f00000000c0)={0x78da, 0x9, 0x5, 0x7, 0xf, "602b4ee46d2e0396"})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:53:39 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1159.457714] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1159.484834] Bluetooth: Unknown HCI packet type 5e
[ 1159.489816] Bluetooth: Unknown HCI packet type 43
[ 1159.495583] Bluetooth: Unknown HCI packet type 5e
[ 1159.496227] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1159.501218] Bluetooth: Unknown HCI packet type 43
[ 1159.514377] Bluetooth: Unknown HCI packet type 5e
[ 1159.516814] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1159.523013] Bluetooth: Unknown HCI packet type 50
[ 1159.531808] Bluetooth: Unknown HCI packet type 5e
[ 1159.538606] Bluetooth: Unknown HCI packet type 5e
[ 1159.550393] Bluetooth: Unknown HCI packet type 5e
[ 1159.555925] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1159.557665] Bluetooth: Unknown HCI packet type 43
[ 1159.568769] hfs: can't find a HFS filesystem on dev loop2
[ 1159.588877] Bluetooth: Unknown HCI packet type 40
[ 1159.597128] Bluetooth: Unknown HCI packet type 5e
[ 1159.597606] Bluetooth: Unknown HCI packet type 50
[ 1159.609804] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1159.610373] Bluetooth: Unknown HCI packet type 50
[ 1159.627539] Bluetooth: Unknown HCI packet type 5e
[ 1159.634151] Bluetooth: Unknown HCI packet type 40
[ 1159.651907] Bluetooth: Unknown HCI packet type 5e
[ 1159.673145] Bluetooth: Unknown HCI packet type 40
[ 1159.685604] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1159.767294] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1161.550430] Bluetooth: hci2 command 0x1003 tx timeout
[ 1161.555859] Bluetooth: hci2 sending frame failed (-49)
[ 1161.560430] Bluetooth: hci1 command 0x1003 tx timeout
[ 1161.566458] Bluetooth: hci0 command 0x1003 tx timeout
[ 1161.566494] Bluetooth: hci1 sending frame failed (-49)
[ 1161.573108] Bluetooth: hci0 sending frame failed (-49)
03:53:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:53:42 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:53:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r5}}]})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
fcntl$setpipe(r6, 0x407, 0x0)
write(r6, &(0x7f0000000340), 0x41395527)
r7 = openat$cgroup_ro(r6, &(0x7f0000000140)='cpuacct.usage_user\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r7, 0x84, 0x8, &(0x7f00000004c0)=0x1000, 0x4)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x5, &(0x7f0000000380)=[{&(0x7f00000006c0)="e4311daac8a5f498c1c9be90e90ec2df131846eec8901465699d06d346bbf0c4673c4af1587a2eac488b3ead68e328d56574abaf33aa9931a210ca5bb810d0275992e773bcb04af3572b8b7f231ccd42c185fa8dfc79392ba289776f2285118d55b1d47ddd1826fc7cc7290c398a40d52b41adbfe68b3a210ced46d81cb87f51af32c77237e009824040603fe3fabad6130dca866e9418679f15a7a9e91acd2d46c5004b3a67c1fb0ea5b98ea6e18a8d303c578a542cdad2f726fad1c2526c040325e2f2c58f1a342b1823b927480ed853fb6b5e7218eb8b811597df905ad044ad5e8014724a9ebb891df3771a71f14f8c5df8b1f63f2915a97cf0f3b6c06e3cfa8f47608d3702668c01e7e6301f4bb232dbf73785c8d5ef909f06cb15e91b8d406602387cbff9c47b02c19a9d0509e92d1a59a97295ae7ae611dcd80be285f9e60e73eaeb1f19a068be46104fea94dd410f22939e0277c23bccbd76fda9e121a8a8f4951c884604aa6eaaa28bed3b4a8a3986d0007f7278db2c12775233212701c42a966245cf617d87e9e7157e8e2662e93161e6d3f1a067996aca7d39eccc12122b80a5b9f1ddce89969743d1875fdc10d0963575abb32decf901b6212b2506e49bee7702c4e39413808ba6ae198e2a2808f9d353317070f29f90ab24c7ee2588dfd0f40a47ac9a7ef8ac55f1171ede5a4f43cd5cdd7c274cdc1694c011c81a66a9a33fd3307cd3ee219379f3897d1bb65abbe48dfbfaece510ab9207d659fde2128774e109f2f096dad89c274894239c51b6bf0a11fc1c1d745915d77eb02c9d57dc9e413226292b7ee7251d3ada608f2725561773f4191adf526329a4780f5ebaea39939b388cf95ca784c089f539ee96bd2530edb0a2b041f05e7cb2a387d42bde4b2f2bbb031ada7a5b7b09879cad745e40fc76727147e2a1f8e5a6e7b8495ded1231c649cbf3188de74b7bad510c9f27f9dfe4946645f8b81d545edc11b08dadae5c72277b57f8338cf7f75666b4a38179b224d0d1daeb9c4325ffc8c0f29a3fdaddd571b1d031828b66fadbfcef0f4e650d71e6c24228e1c6221e5de4dea68aab8e58eb21e0db82f81e4e420471f1fdcf19a627a2cebfe4e6e5f88da3fda91f4bfec12612109f38f3a0df2a546941849f5f6d8a0887756a336d6cf5f2a4b1c3005ec59a190f948eca07270a0e244e4e1bc857dba2191e35a894593569a8f0b55c587d00f501000f71aedcd65406953fb20e822cd892c47190a04ec95b3b27137d1ff569b3644bdef66765dfbde07e9d74f9aa12cde0f2e55de074ef950f975f7d5a9cde31b858328c8cc3e7f6dbddfbf089f4011589691637c86c245646a2bbaf40e38e0210e884a6589ee81697818e2d20d44e548dcf4b67ad1ff81a914a05c74914a158bac2001bd14b61b2f1538012cc7d3d0b1b9baebc77330ded2770b40756ea3f7058d96bb24e82fb6db475dc00574285d81be292a4234355269f60690094fd3b3b23596692007322b5abf77c737c6f3218b2a04b5cbb8e05b2333a368ee70b07090034cb5c4a8c4a5042e77e20dedaede7f626284fdbcf4171b7c78e224b442bcac4ad9829311174ebc363d54357526ae606ac93174807d9b8668d0a21bc0173c2b26b6199d8347166acf1e71d8e1c128627bd61b67418927d14bc1cdfa620d33d4bc7170398bad47ebd35ed77f14eb6f9100bbb5b3005d245b0c5168f8bc280fb7130edd7c0bea513ec03c8ec9df0853f4401460158fc25bd4176ccbe58dcd8682e082ac67034bba58fef8b013dbb86e93b5cbae6c1b804ab10df65b1d815493023a982f93825851a8d4f6993eceb50856811f7bf112b93abfb622438737fbeddd04e6e899b79aa09c920da1b2465ce1626bf9c8b92c8341450ead15948ee20024a352bb157968bf4c1819f4300cece4a32e2fbee7aa77129f6cd930d79c9fbcec2781e479d1ed4b362b597a7c973e7f98aa9947e21beb47295e3aed4057e657a853ea033f7725c43faeb2d698f4709fa371c9fcf06ce26151770f245e32936211bb58768dd7f26b6cb63d7e43681c3ed5c816fab5ccd237c6f739246f5f143b8fa207c6a38065ad9dbf0782411b79a13c0e3c18e258a19e13a0080e7e206a3ea8a22f8ad6738b9063bdfeac5686aa9b85b14650b3a5fc9cb3def6de59e1cec3e416de846a9a8afdf880ccfeea6da2ad2993ae14b665c7bcbbc49ffaa777bed616dedb7505efa412a2c8a8f440dc2d34cac1bb61ba894943b54cfe82330c6bd88d827da6ed7f47b2668d0fd9dd785f93c9ef9f1a3e46484b2657689f62d3f3e26249d9449707615269ed2ceea50ffa216b0541d418bf2447313cbb52ba504ae0a53f03c94f244745f6a11562b433797181bd09a5bc2fc258f7d307a147597510a2f0378e95c501e68fd9591d01fd1102c47440463381ff0de7e59852329624c889af5aaa1bdd1b9e7e044b6ea985fd74a648d37c57211bfc066e512352684794c7e227d99c297f1c6d2221e0f03f48dcba7ebd96dc5f9b5cec257be90e63ba8f5807318fdc60ede87002a665e345515fc49fdc9194b7cee60a59f9b5bb026d69c038711a2090b7068cf84369c9afdba3163b3ef0f4c83b783a0f948e821e52a0254d7e22650643a232bdfd125dfb6b0f9e5920e9b27dc9f8b05cd82d6b220b61de620f329c8697e1201ce0a75e17dc5a7371b5da67404211089c20b41690edc72651edeb8bb35fb0e94eee7da90731ad5caf07cce5d2658c44a3b6b9f19643ae24d4782f2f24df1e7111d747ae243e183ed2af1f391ce7a153591a30a9a1b9fd3a4668ba2810cd3529316014e96105cd6312f73cb6072444ecb8f18bb68feda5d8904c02e38ce55baac944ea17c307fb1691df18368e9ad0837c56701393a16a8802e54b7ececb080319a3cf512a9280576f01f75cbea8a4dfa92705b50780d101cc6680120a655c9501dc4ac124a399680c415372c22ecaa68506c18a33ee744545b615748068af3628bbfb152ca9e8617b9e21c86192f771298c57042cbf4f166cdd8b744d6bb2898d5bc28b0ddf35058c76c598644353b5c007982f0cfde3294ef6bbba0b62f4e9b190718033d5a888e1b3a874c4f714fdd7c1117a04efcf3fca45e54c3d94dc19547d9432413a0d8db3eea67567700565e9a13a1ba206a05208273626aa7f418e8037cf3093c314f28c1a71694c680e71e4841a652451bafc76dc4650fd4d2ae6021ba5bf30016f52e2360832b5d5ed3eb27a8c438ce3baeb5e2074ed48752ab9ec89687d24a665dec85928cd7dcca2fdab7bd65575e31c3fa2091dc4785d26a91b07d09bb28c2719d548bda13df67bcae6352ea318c97b8b8fd5ed8ce1de9bfcc865f700c30098e302dc82750fdd44c4a201ba5ecfbbf1ff92fb7a92a65a12fa279f7fac557c83eef30e72433323661c733306c4f867af7d769697565f6ac04bf929d147faa0041e684ffb73f5739d048e30128fe2e40ae6070428aeb86729d2fafa2f1cd5047e1850b4085306265538e181d8c63db3187f9cf68b3d0d58a02256810f51e7fc7a2207d28e8668bb87ddbf345e501e6af976e067a624c90d414d50522d21a6d1ae59f443c218c68981ceaccc0d4bf2ee2633db11552d01c4570f05fa18b08195128d8a6d6991c4e9c883c41d330a2711d0ac477271499aa2f5d45dc055475b33563f36decf24f8bd39df9aa6ce60795864b765e83c3a969991350fd05cf1ab13e00d6aa81c6c17c262085348899aa22d88abd84e5b413017e06e787162d4e1500350f18a48293b5b39bc212d54872d268e505573207ca89fb877e8ce043b7891dfabceda1969851a114552baa405267ef549d47db47bec94a9c5b079454f39db45768438cc9a41afd8536f51fe4bcc242aeaf5ec2855cec8bfd284b41ce6a572b894e6529eef70610e6039eeb00c4fdb15c918b39c89e95da5397e20c49235c6e3eb2a88dc7b2bde0b290e71cc3201760178afe98fffad92a2e64c40fe5e76007bea228186ccad173a30a04005cab721e72aa4c0840401167858cb834dd6dd4c146cc6b8ebbda19914da6878358999163fcd1b7d3fcc6213a34bfb40560e61e8bb46fd6e1ae21083c843af9c13d9e555ff3e2def9554d1427c5e91bbb5ae31080c40f5011bc91dd3158bea4ec6d8c80d9fa56a1f5ec076520454c3f1c907034440539903245e63145aaebd17612cf4e42d6f81bc66fb381116e9bb49cb7705cf62082656e2c44931595bc76ac814fb2bcae871fecb72e454aa0fe2defe43c840131de9683f6b7924d533059b79055e44e02f3b8db8ee5a40ad078a0b36babc43f98e091437820d8652237980b0a77630acfaef533794d245a106132d8ea1367f8e622ca84c8625f2cb846825073c019e7008e0adbe84154d3990c1bf91fdb73153ff0d2346eccf88f4279d19e36c31c6b304c47ceda4cae2e6752c9599dc5b37603410dd85f645f3d25007f88c58ec881c9658529b2cb67782ce3dc84ca57f07e3899b87715a3ea9c6307bc4b5ecc011b443c3764ab67c03b7635c3f86221c1e3cc6842934477db031aefb8252426f680bb64bc54dbae804596a8f0a191c30e4f188179e288ebdaa296a2234e46da49e6b4a5681a822ec299fc1dd2a4fb974fe8ccc72ca2806ce1e00cb3d37561b7a46a0688109d4e80b31accdf119d6f1a72df0bf0944e73e086b95ffc23e105d29b19dcdfbbd801416b74c02acbedfea82cbb73123bbed7934baa9005801695ac5615a845e54fe0b4ee5d55038750bacaeca33666b7f9d3ee523ad637f71bbe1c8dcfa7ca299bd303a64c2625851ac292315a1dd9da0e80982c60be4f6f8c79b526ca0001d90dd3398e8da2e90f657026958724f17df1f3843e0a8331e4382f3c76622885a2f9b8260b70281c3c9ab8328e47e8b0caf33ec5f90de1fdb81b92f385beb5833b3e5a65b20fc2cef4190c42b2abf091466a76e4eb057f8f6a2e3fe7220131f67ace309c139f8bb15e7d32565a0df604b724ac5f5f1b58a10940307c704a3e6dbc18aae58c262c4ccf64e596fcaaa396bb56847fc55e069e55236cbd5c49d726b60402f5f2f4541498da5262c9bc9c424ee81c9457013136d64d3db164db4293fef2ec1ddeeba8bef564521aae87f43ec8dc077302418eafbb18a59f19ef96ee4145de77f922b377ea63c7835b25b0380ea2bcab68c983bf319092259d0009130c535ca5f33cc2f12859a0e1ad0deccb86a270336647d3243983268a0d96152ecd66334857d7179e2a0313a252b553fbb910c5b1b54de9faba725dd59dbe942f7fa43fedf36060aa5656e1456a8800c35c9ba3b9a3d7104257baa7d4c47b1075bbf935dd5c17e95c13348530655b9bea6e8f721a3876a748fdbd4a33729f492d69628b6c9bd5501b9a6b62f2603db38001009085e9a715e572f48bdc17b70e5feb970405c55b06f63fe7e67b0c75ca50083ef0dc9788977763deb49b497d61045cd016df2e541e04dbd2e58d9930a26f357e5fcefdeb9e7c34571cf784b41004dc165cbb8ece209f4c2a32187e24df2b3cb5266430591fd658f035629c38056b1010e3271f29f34fac2f38bfe1101345d1e4e7a84f84424208bd06f6f65652d21b66575e90bc4b5b75f44d122d44fdcc27a15586822e0f0fb9e81fa172f9807d978d146cfddc736f147c058f30bb986e3dff3c6b4eb2b0d037d00b08106b8ad9d02fd5324746c01fa7c8e03d5ce86d8e67ae7d74e7df48cd944371fb928de03de326b67d8b6192e3e3b6efd97a5a4f1420a727847a7c", 0x1000, 0x3}, {&(0x7f00000001c0)="15c0eebe5b664295ab760afe7e373e87074955ca617bf00a45eb71247fce097c3e6c441f38da037c233af6f595350fa83f821829083075fa86f528440c4e56d7d79e5e87df64ecf42a386ee01aed18a1274bcb5a61962119946c76c3b9e88f62554b952f3eaa1859856eb7b1aa53ff1e397a53542ca53a29515fca9de9e19d9a24a31138be01c693f84237a75bd8b47eea941aae22d9599f1e6c07731b946701c3323e1205194fa935a6fa72816c7bc622", 0xb1, 0x1}, {&(0x7f0000000080)="809ba400a7a2a29039cea4c299a52fa810a3d829d8b1b915fd36107b40633c791a6afaa3ce52eed371173af59af7d44bff7d73d0a8e6", 0x36, 0x3}, {&(0x7f0000000280)="d86ccb745b4d55408b8d980f89ceb960941be5db272a5f1872ca6fb1d81c8a61150a1aa5edcdc5a653fcb9987c044e003ed707f4a1fea5aaaf33651829dad49253137a236c37b340c8a7aff26deb7bb575cb4b4ba29094a6ffae938a579f5f18654d930a10aa626bf605d0af8736625f665b7d208aac5da934f5042ca653d41f1b41a0f1fcd19566469c7d803ed7246a0cd38f48553b9c82767ace3c93d990978cffb13274768ec452", 0xa9, 0x5}, {&(0x7f00000000c0)="de6828c0beb832a53412", 0xa, 0x1ff}], 0x4000, &(0x7f0000000500)=ANY=[@ANYBLOB='quiet,session=0x000000000000f0ca,uid=', @ANYRESHEX=r3, @ANYBLOB=',session=0x00000000000000fa,gid=', @ANYRESHEX=r5, @ANYBLOB="2c71756965742c63726561746f723d657f54662c71756965746f6c653d6370757365742d036d30257070703173797374656d776c616e31e403650cccbd9d6c426b9d72776c616e302c00"])

[ 1161.999994] FAT-fs (loop4): bogus number of reserved sectors
[ 1162.009349] FAT-fs (loop4): Can't find a valid FAT filesystem
03:53:42 executing program 1:
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1162.115357] hfs: gid requires an argument
[ 1162.120237] hfs: unable to parse mount options
[ 1162.161957] print_req_error: I/O error, dev loop4, sector 0
03:53:42 executing program 1:
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:42 executing program 1:
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:42 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1162.921566] audit: type=1804 audit(1586318023.463:124): pid=17498 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/318/bus" dev="sda1" ino=15873 res=1
[ 1163.049001] Bluetooth: Unknown HCI packet type 5e
[ 1163.054112] Bluetooth: Unknown HCI packet type 43
[ 1163.630243] Bluetooth: hci0 command 0x1001 tx timeout
[ 1163.630285] Bluetooth: hci1 command 0x1001 tx timeout
[ 1163.635596] Bluetooth: hci0 sending frame failed (-49)
[ 1163.647454] Bluetooth: hci2 command 0x1001 tx timeout
[ 1163.647482] Bluetooth: hci1 sending frame failed (-49)
[ 1163.654081] Bluetooth: hci2 sending frame failed (-49)
[ 1165.070242] Bluetooth: hci3 command 0x1003 tx timeout
[ 1165.075646] Bluetooth: hci3 sending frame failed (-49)
[ 1165.710057] Bluetooth: hci2 command 0x1009 tx timeout
[ 1165.710070] Bluetooth: hci1 command 0x1009 tx timeout
[ 1165.723551] Bluetooth: hci0 command 0x1009 tx timeout
[ 1167.149963] Bluetooth: hci3 command 0x1001 tx timeout
[ 1167.155407] Bluetooth: hci3 sending frame failed (-49)
[ 1169.229879] Bluetooth: hci3 command 0x1009 tx timeout
03:53:50 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:53:50 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:50 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB])
ioctl$KIOCSOUND(r1, 0x4b2f, 0x6)

03:53:50 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x3, 0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x10004)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:53:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
dup(r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1169.707125] Bluetooth: Unknown HCI packet type 5e
[ 1169.712333] Bluetooth: Unknown HCI packet type 43
[ 1169.719832] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1169.727437] Bluetooth: Unknown HCI packet type 5e
[ 1169.734882] FAT-fs (loop4): bogus number of reserved sectors
[ 1169.746168] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1169.754278] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1169.754336] Bluetooth: Unknown HCI packet type 5e
[ 1169.761047] Bluetooth: Unknown HCI packet type 50
[ 1169.772883] Bluetooth: Unknown HCI packet type 43
[ 1169.788228] Bluetooth: Unknown HCI packet type 5e
[ 1169.797508] Bluetooth: Unknown HCI packet type 5e
[ 1169.820398] Bluetooth: Unknown HCI packet type 50
[ 1169.827307] Bluetooth: Unknown HCI packet type 40
[ 1169.838849] Bluetooth: Unknown HCI packet type 5e
[ 1169.846529] Bluetooth: Unknown HCI packet type 40
[ 1171.719502] Bluetooth: hci0 command 0x1003 tx timeout
[ 1171.725661] Bluetooth: hci0 sending frame failed (-49)
[ 1171.789586] Bluetooth: hci1 command 0x1003 tx timeout
[ 1171.794941] Bluetooth: hci1 sending frame failed (-49)
03:53:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:53:54 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x6)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$GIO_UNISCRNMAP(r1, 0x4b69, &(0x7f00000000c0)=""/115)

03:53:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getsockopt$IP_SET_OP_VERSION(r0, 0x1, 0x53, &(0x7f0000000300), &(0x7f0000000400)=0x8)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e77746f74092c6a6f63616a654d2152c676900812b2f447d2a6f68f150f10a3a22846a5c6519ce2e448a714955d6d8a6c4011849f179fbeeebcf65eadb3a6024db3b91334c1d7fd4308dd783c03785123c5ec9bd28b0abd5e4f3d42856070ba506ee45825d65932987759ed66bf9e0318da7108f4ff0ffc47268d7b61b2f495fab35f52a9ff791e0f283ff9d60ddbff78e388271f5062fd6d38925f6038f3f12335de81fc5cb89adb4b398c0ec17dd8c52650"])
ioctl$VIDIOC_S_EDID(r1, 0xc0285629, &(0x7f0000000040)={0x0, 0x1, 0x1, [], &(0x7f0000000000)=0x1})
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
fstat(r2, &(0x7f00000001c0))
lseek(r2, 0x0, 0x2)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sequencer\x00', 0x2102, 0x0)
write$FUSE_WRITE(r3, &(0x7f0000000480)={0x18, 0x0, 0x7, {0x6}}, 0x18)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
r5 = signalfd4(r4, &(0x7f0000000140)={[0xffffffffffffff35]}, 0x8, 0x800)
pread64(r5, &(0x7f0000000240)=""/173, 0xad, 0x3)
sendfile(r2, r4, 0x0, 0x8400fffffffa)
ioctl$VIDIOC_SUBDEV_G_EDID(r2, 0xc0285628, &(0x7f00000000c0)={0x0, 0xfffff4c9, 0x4, [], &(0x7f0000000080)=0x9})

03:53:54 executing program 1:
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1173.505774] FAT-fs (loop4): Unrecognized mount option "nwtot	" or missing value
[ 1173.571845] audit: type=1804 audit(1586318034.104:125): pid=17561 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/292/bus" dev="sda1" ino=16179 res=1
[ 1173.596818] Bluetooth: Unknown HCI packet type 06
[ 1173.599639] Bluetooth: Unknown HCI packet type 5e
[ 1173.608490] Bluetooth: Unknown HCI packet type 43
03:53:54 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1173.621828] Bluetooth: Unknown HCI packet type 5e
[ 1173.638072] Bluetooth: Unknown HCI packet type 50
[ 1173.695040] Bluetooth: Unknown HCI packet type 5e
[ 1173.718198] Bluetooth: Unknown HCI packet type 40
[ 1173.725779] audit: type=1804 audit(1586318034.154:126): pid=17565 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/131/bus" dev="sda1" ino=16181 res=1
[ 1173.790616] Bluetooth: hci0 command 0x1001 tx timeout
[ 1173.801763] Bluetooth: hci0 sending frame failed (-49)
[ 1173.869429] Bluetooth: hci1 command 0x1001 tx timeout
[ 1173.874765] Bluetooth: hci1 sending frame failed (-49)
03:53:54 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:53:54 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1174.311267] FAT-fs (loop4): Unrecognized mount option "nwtot	" or missing value
[ 1174.354694] audit: type=1804 audit(1586318034.884:127): pid=17609 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/292/bus" dev="sda1" ino=16179 res=1
[ 1174.637645] audit: type=1804 audit(1586318035.155:128): pid=17576 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/292/bus" dev="sda1" ino=16179 res=1
[ 1175.143714] audit: type=1804 audit(1586318035.675:129): pid=17616 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/319/bus" dev="sda1" ino=15847 res=1
[ 1175.629122] Bluetooth: hci2 command 0x1003 tx timeout
[ 1175.634541] Bluetooth: hci2 sending frame failed (-49)
[ 1175.869069] Bluetooth: hci0 command 0x1009 tx timeout
[ 1175.949111] Bluetooth: hci1 command 0x1009 tx timeout
[ 1177.708952] Bluetooth: hci2 command 0x1001 tx timeout
[ 1177.714331] Bluetooth: hci2 sending frame failed (-49)
[ 1179.788715] Bluetooth: hci2 command 0x1009 tx timeout
03:54:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:54:00 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="6e6f446ff90ef2289b482529945f742b2d0d6812fdcfff1533129080cab3abd90ec1a8af581bca30718704a49cf1f7c65b27289a6136a1566440f64ba0384e163cd510a242e6a4b259368abb0635bb25b38517a7cd85222dc384165474ffc53b049a8aca067d18f6f5052aec96dc4e838d445a3697ef07d2b912608f26d953e386aa2b718eebbe5253f68308889ec647ecc448555896441bed9fed4402c5f2f5cac4ed79655a76d0958657a9cb4fac213984259b6e55c956cbc2805c511243d85bca75c8adc081361055cb2fa7814a22a9a4ab"])
accept4$tipc(r1, &(0x7f0000000000)=@id, &(0x7f0000000040)=0xfffffffffffffebf, 0x0)

03:54:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800821}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x9c, r4, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x77}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xbd5}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x800}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e20}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20000000}, 0x2400c000)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1179.946270] FAT-fs (loop4): Unrecognized mount option "noDoùò(›H%)”_t+-
hýÏÿ3�€Ê³«ÙÁ¨¯XÊ0q‡¤œñ÷Æ['(ša6¡Vd@öK 8N<Õ¢B椲Y6Š»5»%³…§Í…"-ÄTtÿÅ;šŠÊ}öõ*ì–ÜNƒ�DZ6—ïÒ¹`�&ÙSㆪ+qŽë¾RSöƒˆžÆGìÄHUX–DíŸíDÅòõÊÄíyeZvЕ†W©ËO¬!9„%›nUÉVË€\QCØ[ÊuÈ­À�6UË/§�J"©¤«" or missing value
[ 1179.973045] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1179.973483] Bluetooth: Unknown HCI packet type 5e
[ 1179.983287] audit: type=1804 audit(1586318040.515:130): pid=17639 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/320/bus" dev="sda1" ino=15859 res=1
[ 1179.985954] Bluetooth: Unknown HCI packet type 5e
[ 1180.018325] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1180.031202] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1180.041323] Bluetooth: Unknown HCI packet type 43
[ 1180.063253] Bluetooth: Unknown HCI packet type 5e
03:54:00 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1180.085044] Bluetooth: Unknown HCI packet type 50
[ 1180.110908] Bluetooth: Unknown HCI packet type 5e
[ 1180.127220] Bluetooth: Unknown HCI packet type 40
[ 1180.134769] Bluetooth: Unknown HCI packet type 43
[ 1180.144087] Bluetooth: Unknown HCI packet type 5e
[ 1180.158329] Bluetooth: Unknown HCI packet type 50
[ 1180.195983] Bluetooth: Unknown HCI packet type 5e
[ 1180.206738] Bluetooth: Unknown HCI packet type 40
[ 1182.038540] Bluetooth: hci1 command 0x1003 tx timeout
[ 1182.044869] Bluetooth: hci1 sending frame failed (-49)
[ 1182.051078] Bluetooth: hci0 command 0x1003 tx timeout
[ 1182.056428] Bluetooth: hci0 sending frame failed (-49)
03:54:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x10200, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4030)

03:54:04 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x20, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x2000})
syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x40, 0x400280)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ioctl$VIDIOC_S_MODULATOR(r1, 0x40445637, &(0x7f0000000240)={0x7, "4b42eb38714f85c001d9d829bf4631b8863a98aeacedb68bec23895d0b8a0f0c", 0x2, 0x4, 0x1ff, 0x2, 0x3})
sendfile(r2, r3, 0x0, 0x8400fffffffa)
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff})
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r4, 0x80605414, &(0x7f0000000080))

03:54:04 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000140)={0x4, &(0x7f0000000100), 0x8, r4, 0x4})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1183.752565] audit: type=1804 audit(1586318044.275:131): pid=17687 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/321/bus" dev="sda1" ino=15905 res=1
03:54:04 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20040, 0x0)
mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x2)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:04 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1183.967686] FAT-fs (loop4): bogus number of reserved sectors
[ 1183.986752] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1184.108360] Bluetooth: hci0 command 0x1001 tx timeout
[ 1184.113656] Bluetooth: hci1 command 0x1001 tx timeout
[ 1184.113713] Bluetooth: hci0 sending frame failed (-49)
[ 1184.153183] Bluetooth: hci1 sending frame failed (-49)
[ 1186.188218] Bluetooth: hci1 command 0x1009 tx timeout
[ 1186.193590] Bluetooth: hci0 command 0x1009 tx timeout
03:54:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:54:10 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x1f, 0x80000, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYRES64, @ANYRES64, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439740000007a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b00000000"], 0x5}, 0x1, 0x0, 0x0, 0x40}, 0x20000050)
ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000080))
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="4800000010000507000000000000000000000000887de22e91662d54069d4810a9952f7734bc52583008f7e13224b4e1b675b26e9b300b6a629109b7f600a295a4353d181f0fb01fe3d1abdcbd863f7854a19a67a69db16f2fe96afb5504", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000003c0))
write(r5, &(0x7f0000000340), 0x41395527)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000240)={0x1, 0x0, 0x2000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r4}]}, 0x44}}, 0x0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0xc21, 0x0, 0x0, 0x98000, &(0x7f0000000000)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[@ANYPTR, @ANYRESOCT=r4]])

03:54:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r5, 0xd, 0x0)
shmctl$SHM_LOCK(r5, 0xb)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
sendfile(r1, r4, &(0x7f00000000c0)=0x3f, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:54:10 executing program 3:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x40000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000440)=0x10)
ioctl$KDADDIO(r2, 0x400455c8, 0x4)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x4033)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000300)={0x980000, 0x347, 0x8, r3, 0x0, &(0x7f00000002c0)={0x980918, 0x3, [], @ptr=0x5}})
pipe2(&(0x7f00000003c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x86000)
mknod(&(0x7f0000000280)='./file0\x00', 0x40, 0x7)
r5 = socket(0x10, 0x273f506104998ae1, 0xe06)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000380)={0x2, &(0x7f0000000340)=[{0x2, 0xff, 0x3, 0x6}, {0x9, 0xca, 0x42, 0x1000}]}, 0x10)
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000040), 0x10)
r6 = socket(0x10, 0x803, 0x0)
ioctl$KDSETLED(r4, 0x4b32, 0x2080dd8a)
write$P9_RRENAME(r1, &(0x7f0000000240)={0x7, 0x15, 0x1}, 0x7)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
llistxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000400)=""/14, 0xe)

[ 1190.176776] audit: type=1804 audit(1586318050.706:132): pid=17735 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/322/bus" dev="sda1" ino=15777 res=1
[ 1190.235666] Bluetooth: Unknown HCI packet type 5e
[ 1190.235688] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1190.240958] Bluetooth: Unknown HCI packet type 43
[ 1190.270248] Bluetooth: Unknown HCI packet type 5e
[ 1190.271328] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1190.275336] Bluetooth: Unknown HCI packet type 43
[ 1190.318720] Bluetooth: Unknown HCI packet type 5e
03:54:10 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1190.346308] Bluetooth: Unknown HCI packet type 50
[ 1190.354742] Bluetooth: Unknown HCI packet type 5e
[ 1190.372712] Bluetooth: Unknown HCI packet type 5e
[ 1190.379039] Bluetooth: Unknown HCI packet type 5e
[ 1190.405311] Bluetooth: Unknown HCI packet type 40
[ 1190.409167] Bluetooth: Unknown HCI packet type 50
[ 1190.419797] Bluetooth: Unknown HCI packet type 5e
[ 1190.440406] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1190.447947] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1190.478330] Bluetooth: Unknown HCI packet type 40
03:54:11 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:11 executing program 3:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
dup2(r1, r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0xa, 0xfa00, {0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000140)={0x3, 0x3, 0xfa00, {{0x6000000, 0x0, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, {0xa, 0x0, 0x0, @local}, r2}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000000c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000200), r2, 0x1}}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x5)
ioctl$KDADDIO(r3, 0x400455c8, 0x4)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r4, 0x1000)
lseek(r4, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8400fffffffa)
mmap$snddsp_status(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x11, r5, 0x82000000)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x64, 0x0, 0x0, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0xb3}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x9}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x4}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0xfe}, @NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x18}, @NL80211_STA_WME_MAX_SP={0x11, 0x2, "2db413ba50086001e6e3c80e5c"}, @NL80211_ATTR_P2P_OPPPS={0x5}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x4, 0x2}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0x4033)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)

[ 1190.681286] mkiss: ax0: crc mode is auto.
[ 1190.696798] audit: type=1804 audit(1586318051.226:133): pid=17792 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/204/bus" dev="sda1" ino=16065 res=1
03:54:11 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:11 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_init_net_socket$ax25(0x3, 0x5, 0xcc)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="6e6f646f74332c6e6f63b0315b83a9f9ec"])

[ 1191.045335] FAT-fs (loop4): Unrecognized mount option "nodot3" or missing value
03:54:11 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1191.158891] FAT-fs (loop4): Unrecognized mount option "nodot3" or missing value
[ 1191.544356] mkiss: ax0: crc mode is auto.
[ 1191.562784] audit: type=1804 audit(1586318052.096:134): pid=17844 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/204/bus" dev="sda1" ino=16065 res=1
[ 1191.714082] audit: type=1804 audit(1586318052.246:135): pid=17850 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/204/bus" dev="sda1" ino=16065 res=1
[ 1192.267543] Bluetooth: hci0 command 0x1003 tx timeout
[ 1192.273041] Bluetooth: hci0 sending frame failed (-49)
[ 1192.347529] Bluetooth: hci1 command 0x1003 tx timeout
[ 1192.347600] Bluetooth: hci1 sending frame failed (-49)
[ 1192.427521] Bluetooth: hci2 command 0x1003 tx timeout
[ 1192.433060] Bluetooth: hci2 sending frame failed (-49)
[ 1194.347458] Bluetooth: hci0 command 0x1001 tx timeout
[ 1194.352836] Bluetooth: hci0 sending frame failed (-49)
[ 1194.427426] Bluetooth: hci1 command 0x1001 tx timeout
[ 1194.432760] Bluetooth: hci1 sending frame failed (-49)
[ 1194.507434] Bluetooth: hci2 command 0x1001 tx timeout
[ 1194.512760] Bluetooth: hci2 sending frame failed (-49)
[ 1196.427237] Bluetooth: hci0 command 0x1009 tx timeout
[ 1196.507172] Bluetooth: hci1 command 0x1009 tx timeout
[ 1196.587172] Bluetooth: hci2 command 0x1009 tx timeout
03:54:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
accept4$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x0)
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:20 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='siz'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:20 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[ 1200.421265] FAT-fs (loop4): bogus number of reserved sectors
[ 1200.452446] tmpfs: No value for mount option 'siz'
[ 1200.461341] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1200.492804] Bluetooth: Unknown HCI packet type 5e
[ 1200.498034] Bluetooth: Unknown HCI packet type 43
[ 1200.502892] Bluetooth: Unknown HCI packet type 5e
[ 1200.504452] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1200.517220] Bluetooth: Unknown HCI packet type 50
[ 1200.522841] Bluetooth: Unknown HCI packet type 5e
[ 1200.557646] Bluetooth: Unknown HCI packet type 40
03:54:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r4, 0xd, 0x0)
shmctl$SHM_LOCK(r4, 0xb)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$KDDELIO(r1, 0x4b35, 0x24)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:54:21 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x44, r5, 0xef8c987201b6e653, 0x0, 0x0, {0x22}, [{{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x6}}]}, 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x84, r5, 0x2, 0x70bd27, 0x25dfdbfd, {}, [{{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x2}}}]}, 0x84}}, 0x42014)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:54:21 executing program 4:
r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r0, 0xc0884113, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xfff, 0x9, 0x0, 0x3, 0x7f, 0x0, 0xfffffffffffffffd, 0xffffffba, 0x1})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='siz'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1201.036263] audit: type=1804 audit(1586318061.567:136): pid=17909 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/299/bus" dev="sda1" ino=15908 res=1
[ 1201.065122] tmpfs: No value for mount option 'siz'
[ 1201.074123] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1201.097056] Bluetooth: Unknown HCI packet type 5e
[ 1201.102449] Bluetooth: Unknown HCI packet type 43
[ 1201.132719] Bluetooth: Unknown HCI packet type 5e
[ 1201.137596] Bluetooth: Unknown HCI packet type 5e
[ 1201.143202] Bluetooth: Unknown HCI packet type 43
[ 1201.158898] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1201.168128] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1201.180616] Bluetooth: Unknown HCI packet type 5e
[ 1201.184067] Bluetooth: Unknown HCI packet type 50
[ 1201.192140] Bluetooth: Unknown HCI packet type 50
[ 1201.214596] FAT-fs (loop4): bogus number of reserved sectors
[ 1201.239701] Bluetooth: Unknown HCI packet type 5e
[ 1201.252865] Bluetooth: Unknown HCI packet type 5e
[ 1201.253983] Bluetooth: Unknown HCI packet type 40
03:54:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='siz'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1201.257909] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1201.275659] Bluetooth: Unknown HCI packet type 40
[ 1201.366061] tmpfs: No value for mount option 'siz'
03:54:22 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size='])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:22 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size='])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1201.856728] audit: type=1804 audit(1586318062.377:137): pid=17917 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/299/bus" dev="sda1" ino=15908 res=1
03:54:22 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size='])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:22 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = accept4$rose(r3, &(0x7f0000000240)=@full={0xb, @remote, @default, 0x0, [@remote, @remote, @netrom, @remote, @null, @null]}, &(0x7f0000000280)=0x40, 0x800)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x44}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'lo\x00', r8})
syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e2f646ff473246e6f63ff7365", @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r2, @ANYRESOCT, @ANYRES64]])

[ 1202.003451] audit: type=1804 audit(1586318062.537:138): pid=17909 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/299/bus" dev="sda1" ino=15908 res=1
[ 1202.083968] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
03:54:22 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1202.207859] FAT-fs (loop4): Unrecognized mount option "n/doôs$nocÿse€" or missing value
[ 1202.288104] FAT-fs (loop4): Unrecognized mount option "n/doôs$nocÿse€" or missing value
[ 1202.506616] Bluetooth: hci0 command 0x1003 tx timeout
[ 1202.511947] Bluetooth: hci0 sending frame failed (-49)
[ 1202.554015] audit: type=1804 audit(1586318063.087:139): pid=18001 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/323/bus" dev="sda1" ino=15846 res=1
[ 1203.146545] Bluetooth: hci2 command 0x1003 tx timeout
[ 1203.151816] Bluetooth: hci1 command 0x1003 tx timeout
[ 1203.151878] Bluetooth: hci2 sending frame failed (-49)
[ 1203.166618] Bluetooth: hci1 sending frame failed (-49)
[ 1204.586435] Bluetooth: hci0 command 0x1001 tx timeout
[ 1204.591900] Bluetooth: hci0 sending frame failed (-49)
[ 1204.756410] Bluetooth: hci3 command 0x1003 tx timeout
[ 1204.756503] Bluetooth: hci3 sending frame failed (-49)
[ 1205.226357] Bluetooth: hci1 command 0x1001 tx timeout
[ 1205.231619] Bluetooth: hci2 command 0x1001 tx timeout
[ 1205.231680] Bluetooth: hci1 sending frame failed (-49)
[ 1205.241492] Bluetooth: hci2 sending frame failed (-49)
[ 1206.666381] Bluetooth: hci0 command 0x1009 tx timeout
[ 1206.826252] Bluetooth: hci3 command 0x1001 tx timeout
[ 1206.831802] Bluetooth: hci3 sending frame failed (-49)
[ 1207.306200] Bluetooth: hci1 command 0x1009 tx timeout
[ 1207.306204] Bluetooth: hci2 command 0x1009 tx timeout
[ 1208.906003] Bluetooth: hci3 command 0x1009 tx timeout
03:54:31 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[ 1210.645569] Bluetooth: Unknown HCI packet type 5e
[ 1210.650860] Bluetooth: Unknown HCI packet type 43
[ 1210.656764] Bluetooth: Unknown HCI packet type 5e
[ 1210.658002] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1210.661756] Bluetooth: Unknown HCI packet type 50
[ 1210.676330] Bluetooth: Unknown HCI packet type 5e
[ 1210.692621] Bluetooth: Unknown HCI packet type 40
[ 1212.675717] Bluetooth: hci0 command 0x1003 tx timeout
[ 1212.681076] Bluetooth: hci0 sending frame failed (-49)
03:54:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_STAT(r4, 0xd, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000000)=0x8001)
r3 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:33 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:33 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f00000000c0)=""/39)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:54:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x8000)
fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000400)=@v1={0x2, "d941db19fe7d87c4"}, 0x9, 0x2)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x21, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf385fccd602bf963edaae01ebd125510bbe75beac077af773c5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6bb1d491df7b94a181bdc9052ea2126eaab127b2e898f8a16cd25e4476365c42acede8cbe3bc15a1b726fad0a38c1995552b8dc3f6ebc5f8df3e3994df918de878ba1cd83e2d27b6d952915e1efa06bfa507f54fb34aec303d5f235a3c404360f97fe6496e83dd475c8aed1449a31d117c250c14e2b95859d62c1d54d967bac2270d8a65c4222a073c8198869cf125677a6650f1"], 0x48}}, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000300)={0x1, 0x7fff, 0x80000001, 0x0, 0xc, "0e6c625b163366516229f22bf74f304f5c81c8"})
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="53e60000000000000000220000000e0001006e657464657673696d0000000f0002006e657464f5cbdc6a6d30000008000300000000000600040000000000"], 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r6, 0x400, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x20040000)

[ 1213.208023] Bluetooth: Unknown HCI packet type 5e
[ 1213.208233] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1213.213092] Bluetooth: Unknown HCI packet type 43
[ 1213.237414] audit: type=1804 audit(1586318073.778:140): pid=18042 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/301/bus" dev="sda1" ino=15924 res=1
[ 1213.279897] Bluetooth: Unknown HCI packet type 5e
[ 1213.282640] Bluetooth: Unknown HCI packet type 5e
[ 1213.293136] Bluetooth: Unknown HCI packet type 43
[ 1213.300213] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1213.319527] Bluetooth: Unknown HCI packet type 50
[ 1213.328410] Bluetooth: Unknown HCI packet type 5e
[ 1213.334922] FAT-fs (loop4): bogus number of reserved sectors
[ 1213.343999] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1213.352290] Bluetooth: Unknown HCI packet type 5e
[ 1213.367661] Bluetooth: Unknown HCI packet type 50
[ 1213.368400] FAT-fs (loop4): Can't find a valid FAT filesystem
03:54:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(0x0, 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1213.386956] Bluetooth: Unknown HCI packet type 5e
[ 1213.389206] Bluetooth: Unknown HCI packet type 40
[ 1213.411384] Bluetooth: Unknown HCI packet type 40
03:54:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:54:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1213.983055] audit: type=1804 audit(1586318074.518:141): pid=18056 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/301/bus" dev="sda1" ino=15924 res=1
03:54:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(0xffffffffffffffff)
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r0, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:54:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="eb1678b3b4d1b79d0fe6a59885f9359c73dc7b115eeb3ad0b2f9fb077d88af32fe7f52510cd2811c6731b5689b26767f3f7f48a241bd5932d2fe81afab365bb8f689313511be8f4fdb38778c30fc8e8f7c4556c433031c8082ac31c0f5f3a0fefb584ccdb2a5095d877ec4c5631422dcf36ba9ab283b59ff8b77736e85db1662ec6c0c7ba19e75216ea1e57ec805e672be4e1d88ef1d097191d52a5b0f4e56885c2ea2f188bdc65f314a697bcc9814", 0xaf}, {&(0x7f00000001c0)="19f3b613f2601981c6aa50707d2852461ecffb5c16ad3611ba3e7431187eaece7fa6926cedd4e8e1dc2ef6512d4eacb555c7d33d9e1514296be3aef13291788e94d320", 0x43}, {&(0x7f0000000240)="e819971a9fddcc79b38047d2f0d3ac5ade9986f53f2c32fb35865ac43633bae314c1a7259abfcd4e9c1a8c9e856b1c2ab24b85fd45bf15e70d68f03a3b55bb342bdac23758fc9d775cd546808a3bc7895ebb4f6d714800d3183ab8850ea4ab8624693d28c45ce29a31d33a4359598a9621348d74228d27e3863251f97861a4535b8f327aba47bb", 0x87}, {&(0x7f0000000380)="70af331e9483efb1cf2a41669bd6b5c7781ef38efa8b66c02fe4c881a984669c82632a32f1b724d5c4402c11a53da21c5e15365984fa603ceada2390aa66e75656e1ae1bdef21bd56790e773ade9ecce2709f1b8e48709d581815bc4d0dac143a7df20415aa7062ec66d438f0cc2d0db99d9f5b2c53d9aa8cf69d3144f69e0a728b12ba83480eff5", 0x88}], 0x4, &(0x7f00000006c0)=[{0x1010, 0x3a, 0x2, "d14a249d3826f61847db965ff7d88aee7c7764c9156bd70137c330fafc85c4c8bcbb4c612cbad6a633ef3bee2fdd3cd85a11214c3fc3dcbf95dbc26ae7277638d7f7ebe991ed6d56c642bb6cca01c322faf85577ade4982f932a3d8f1c3b0afcd2bf2663d8845ecbf97e0c8511f7cea031c7fac04c2ab26d8c51678270617b609c1f925fe7fc8add83ded6c4de4d60e1571026cabc61b56647b373635595ba33cd10a095efea11bb3fb70b7824014dee466d9ed291027f1c081a696a8f43ed6bfdd59a55f84ac9a766d95228ee544a8742378f29decb96fd29b3ec7c308ad6bb9a1769f073cc2197bc11f78804239b02e707aeacfa9bdec51e094d02b59f321076ded1d77348e828b20e4d67467e34957550f9f31cdeb863061cc3783c25cfdb1bcb231a1edd3f14a04cd75a66e033b5fa4d34dbf500db7f8ebad754864a7d1aa4d3c5a29412b3b06cefb95bf0dc67a26ad32d72435524a010a9577c14f09c83ef489470044c6a044bbedc88141a81c912b9cd8e5312bfb3862ea9e648494fca3ea823cf07cdb5ee3415af22d1ded2c3617037cc186c0a2e89090340010611bcc4f242f90500ba0ff1ddd4a7f1cab8475ab196d2e6e863725f93129aab9fbc95a98771264241359db18b091a39b9845307d48b61cd173d58a2f1401257d31ccb30c69d2cab42f5c9eee1d7c14070b7e861d7ba864f88027b1bb6713472de472cac4eef0503db4af9a31025236a4586a6be5fcaa0ff7d39a00d391722e9c8d9f96650113c9afbfefabead22f23fa9695ee8de9bffb3f7d2f1dadee78029d0b34705642edc03a72b83b40faacd362643339935293d8f60ad14c7c27cf91c543938ec8f7066983a6e6c7ba7094e559ede18fa5411aadcdb4ea2c77cb9d90ed9e33d855f1afa4829b9f2a2c21dd9c38421a9db5ff46393e48d4bc9f780974a4716aabb4d5ac9ba85c3d1714475cd41c5280bb4196af0de9e2f4d392f6cf1e3fbc68a0680146f5745b35cf16b192491793fed5da348be51f5aec2ee180e7a7bb41a21729934735e57f4c03679b51e60b7b474dc5791598d61a93c7c62452d57faa384f8016ca97060444233262f9635c0cd8d9a4a20800882f853140c7bb46657b0847c59b4c3eac925a07a5f610676334f1b30f57af00731f928adaa29537c1665037651ce0ecbd58f8f03d166eca3c5d29b4fb3112878e26c498d02125f6c6936b9116a0d9c8677895f23152ac37751e9ae88e5828d45509e74883f1f4573247afae31e6f30881bf0eeef9fd61fb9418fdd8bba3a10fa23a947ad7a16a324409ec67da00189764694f93b83537073b1ea817de8bf9d1ede26d37ac8c18abede481854498a6e3c49a27a0c16b8810b64c5d944d40f678216f93a8b9a52616de0437e9581734f8b06e4e3d89e3bdf584e787b91aa654cdf69867ec939b9b725727478661e50965947719b19510a36f71042fe368fd45391d3d3a3d645c0da35f15577140b7163c13e1fa9df1d27b46eebaab85807ba82db2721c791ba71b9d993fe80e2cd212532fdfae80a846c6ac333fec6da30d71e97ce51aa457506d8cbebf27fea3eb91403c2db105ab2257ca5f30ff518db0b0c1ac01796993b37138c514a50ff9a221c89444b5c21ab325feedd8362d87f1d22285a0dcaccd61f00f06c899442b9963eb826a75d5757484dc9677338fca6de90e9235b5cbcb77d6fc5ade9d610ee4f57d88d4ba27b831616289df6436c66f4664a8aeb6af7c5efc65aeea14b385fce58903b099cfda87415e68e8a1fdd8ae506341852aedb583585276ff833c8eb7420d2a33af7c23f07fb7d4d7d2992d10e2f348995abca8642ed31be9b497f4aff2b984530c40fef69515375deb31b5cc9c35970000ec2ed98a369880c1d518d7b19dad0e8584147d9d2718e07dad77326af87dc3a774a4fb2c46567b8f7c847da487edb1184d0740c3b9898788dca0abfc196fb16f01dd5678cd356778b4ecd9ff5d53f6091f5fb41ae46db6d7a46798a294d826cf8074bfeaf7554e0fab4a78de9f8b7ea109c32c3c3c5c308d84853e20e20256f355f69b7b5b6002084a30943650873837f71e77bf4c0af5b72bc927c94a87701d3e29ac98a3ba297da62db967d823a79da0acde5a808eacc2c057370c97c3983b616134b9856855507c0df135b4dc9118d322ec9a93711f0761c878993fff876b4c083c9c5d9c666d2731d3f4a78d604a2c183084e51f797df1d8fb181429280bc5f6151d73297f474348eac55ca3d53d8acfdcdf0f1e2049ec8b7d95b82614eb292fafffe44e6076ef9280a80f7f97754c85485a9d4a766ee879d9a6c1c527fe7ca904f422dee108d993b6e80ffb6a5f50d448ad5777e0ed093094f7a1df707f24c67b41a41455c4f47689fbd27486a767d74b5c2e3731abb2b8bc524b849612f85a20b8eaeb842f2160168e6d1fc35cae885e65ca8c6f53960ae165d251f091cbaa9fa07450aff5b0cdeaf05d8f3d3237f14f9b867bf05705980febfd78f0445b129cdd515917e0fe69cb128ef2497da0e5f6015ffcabd51ad9f70fd7ea925ce45af9e8e5621e801656cdf62204a9af138d69af262cf09d238688489d56341fb67b14a633df343d03eece742bd4b2e7d64d3773765bcb7d2fe1995e06d1cec2e30e283f45fea16cc8a3cd7acfebc5911f299f57d4cc20f9a3f07573e0a8ca442db0b41b76870f0e53986c833b14d168ed634e2a3b70ba22bea62fec7f100c467e3a6e7f45e849c5f5e0f22294a064f483a253926a8492033c36e17269961bfb5c62f391a299c6be30205d44400c9cd32a491dda42727450cfcd6c3fee2e7ec529f4f11b9b320524306ffa3ec9d86b1ff17fb5741e3b28545d49608fd8845ebdb6e7dc46f0c47b9b918e76af676c2a0a07774ed93991d69c762c8abd24d5e59f744c61417151f4f605bf0047870022897b5c0a35f3db294a594e10087d9211e7c8c0261d695faaa6caecfe506c44e3e4bc84d5a524d0a204843aeb5637c40024591b06bcebdbbc477b21274e3a97fa91e5df98bbb055061325413d0d6a575711995bc5fce43b29482b77f52cf150e2e66c5e35a93aeff4f0e75ea070bc5320975f0280b153aac7fd6ba97b8c80544d87165b096d9d662236417376aa48b98b8e1433a247d0cafb7195ccdef0e1f10b587094bd80ec2908af2809d71f1967fb097c2f4d30a9237b4de486b57c3b587ddfa962a258937c1f1e64d557ac1e3a578fe66cc1699873f02ccad73533045f3bc68502440a7e32703e545dd0c223fd8f2264283029b4cdb0f80c9caaf7cce8229417c2a23bcdd0a58af0e724e29987a1fe340b0c8e9693d0da08343e7d87bad459d9186bac8959a6b04ecac8fbd96c894ef7595236fe3cc1907e5f4d7a488131b11a4f2c56b987a0c7116220ff38ccf4defcdfb88e1dced51c69f3376f0203f66aaf02faec29e4d85cdeb3c092833570996170f469786f2d08efa5c2dc557f3b06e49675f71d2f17e7ef04f7725e5f2730953e9a4f6c3ec2eada1eee46861e4aaab7b39b770401c4af721b30bf99bc45291924b02417eb276c37849d1233ead0d87cba5978b1635629f41473248c37aefc0a07e1e830dd3204ff56f7fc4c732eeb223a0f3bfe2a773c53ac499ed9104a88298893f6a444e0a05ea19220cec0d0a96b820272ac291e80c568cc99164bbd5c8918ee4d6dd2f4e5eafb25eebaf4a7936de98f1ab9cef82e1378c406f1e6789b31b56f5c6104f5383eb56a3067f36690c646229bc8d4d937cd090c72402e10b60d7b809da8ae7db68621b9b80f6b56602b0715ac5937092e5a79fbb4f123ebcf3ac510543bc49b9339dd042cd7772a2d1e4726193a2a73b133dafc0a9055938411eb5361d2c96693090653321a48f10d003dea4aa46251f83c172c589ddd3fd3f67da08fa22d49f017673832107c92a1774ecdeb141cdc0ebae805496554723fdafd6bbd138960c1c36f910388c9ceb54703757f5e6303838875f140a5d801431ec471eff6f9ac1cf932ad3b9fd478bb2cd719701facf408aa35b0ab88b9ca4cd8b8c2bba6177703177ad4f7f1841b56cf2b6171b97ce159bb4297341902848e003f53179eb9fbb30548bbc8562dad0d9d85bfed8ed13349860f879e3de715cac8f67fe75989dcd5c477f0c95a72b22878afa74e7e5e397e9dab04434fa1598a7b3785bc402a01116298f7837fd57dc4e7a67199bde274da6e02c8dd8960b62186707e24560bcae2008145348bd206bdc34e320ce9739088053a059c0f1f17edecb8bbf819897ebbfb63762e6c9447ded6e159ca748a7a28a3d7f9bb77810604227ba8465a3115cba48dc45ab8a06b66c650f478dc3b615fc6cae1ff52affa53e3e142d1be214deda266bc775ef072b8f6aa4b85e1bb991e2839f236e7d4fd81efdd0b215b37093b9d3747f496699247073221842efc416b278aaf613f9080156ea113a24efb81e0a0a33ee3b747edb6c81f6b413205e65f6f5ee784e8a0b5c686217c54227f7191fb2830465f0e90815cdb791c10780a924e9111071507cf4b3156fd151163342479c389cf47e744c773fa524f8b3858249a369fe969e860bf7a4702d2aea31aa38fc83320c0fff18c67b91c36f92f3387eb0cf39562ac98143943dbeaab672a16a9bee204f7558f42e50265053f22b7d935e7287742485382a3f745959f001db3f5a804c13291be244b4894e270cde249a6908864a05c248d4219b2c73242de6a6629fd0c3843bd0a81de2bf734002989f4cecf5a548ec479269739edb33baba075507c02a38a8674d0bdc81f3e3745b4139270ad5918997d3472ef450d9fbe14cac89e382afe45c728d4206205528f0a56a1e3e4cbb88b0c8b49ff623ade12ef820c8a8769615bd2ad9f918c0116781bc7bbc3c900195b693a1f871f33878b221d2389029b206e8e76a2d8b68202ccff671107a2c1dc7544f6c711e0f976fb5d6d460ef61716f5fe353a2491b3d1eca0b317666117e6caba72d79065c0c605080fdbd65e0824c500c3e0925a38e4e5c7c1be0231b640effa7a7acea53f30341a622d7a985cc01d4b292580f37813da8bb6be859e21f8c334a4c97ceaee3baff2daebd51446b709f7cb8416ac4ad2cad3946bc5fc1b5031a9b34dd64570b2cc14ed7afd2beeac6dab5a8061ae682d545f886f1be393b98ea8f078f4125043f2fa31e7fd395db47f5fce38ebcb806eef84dfbcb7f0d8254239b87bb5de9353403171132942d54e6181b6c6cfe12dc3ec4b197433626c56f33bafa8b0ecc30a4215531fa06a22a250529b5b93b60b74f2a2bccc84c8931b45cd3f9a4527a213e37d92a604beeabf833d64620843e6efd65aac54daf796ccdd7c2fa18e47013573e7c8e35db56fa8681785fbf3b0edcb68439910d2eb55c7600667b0f5b3cd7d096f9b5b7d4a18fb0863f4ccba59dd8754ce510216d480cd8f87822c083f9692c75a53e9ef569e23752aedb0f0661a21c38b0fce8137b0dedb334ba77ec21374e974828670bd519aa316ac18530568288bf1fc15f23f74422f1192a02600ae85e149f79d304e8541ddd9f1855b64e0429d999aca4cad858231b17980f02e0e5ed945bedcb8f044853fd407d462e9eebcdd44f0306d7dd1a9b79818e0a4731cd97461ab8586e6ece2dbc3f967b7ff2408ce65a7c3ccf972bc1f94c58aa09145c999cd7b4af4bfb6e8e26ea1500c5a7a311e4a1f869ac07775bc0e7753c4332209cf586736ec3468f2af7b1bb13d9f6d89514b938cbc6ddecb0192271d0b373868ed857"}, {0x90, 0x10f, 0x7f, "68a6c707092fe4f269e400f2b06bdb3c0c8e4c21460082deb76bbb4b1b6bdbc0183338a61ba5af73d58ddf8028e26b13c1f29c366d62c895c85df9f13edf1a7b6f93cbb3284b836fe41952d817acd82359c42fe2f76be5f0f818d48372393ae14791198087d2b6237588672936e7049a0803568856fee83648f7a0d4"}, {0x1010, 0x119, 0x5, "8c450763ee321de19d3acaad1cabfed5c5c1a4f5512288a8f1ca07128fcd0b7791a907b9bcc4ced8a183316f3004d950d1aade21bedcdb14620f0355e697a333bcce509129aea573e9fadca628f5d48d9701ee8f762c54744f2071e54d8dcaaa9489b6c3e4f13dcadf0a9af9ea45b33f6df003f1dacfdbac316bc3b1baa41fbeab68961918570fe58198bba080f268551e8fea9cba461335a949397239126ef57aefac8f2eb66400dbee1856afc7dcf6fca9fa57063e4064f048ca462c2e449c17240cc9c474009a1bf14c058c816afded13206a589fa4bc4ab199a6a93f0364b3f1c8f091f643f533a30ebd36581e7d3b985bc73743393d48a6b641b353706979f523fc2c5a4b45230afea4da4f432223a5f038cdb0b74d381fc38acddd0b22cc09e3950f7b25e8b2da281bb209a01060e6c7e458d51a8526a5ad0b08dda8a32829cefa3856ecdef447fc97b0d462333805214ed2a7f4d411d5c7b0f62cfcab6ab19c671104379ba61cb7b7ff06e5381862b773027b6dbcbc1f968054678282d698b2fc3e3279e5c18d045f886e536bba1af6bd032d57d58d24aa9f42785c145c96ebab8430835767cae52ff8ac80323b0919a340eaca3df6b3842c0fe892a3d3e8591479780ef3d876d7a29d9f507b7ed46a6a34587b78168498130d96b14eef56f7205c090a7ff95640e6c8ef4086436b5d843cad611fb64bd7466451fdcdf011263a486025a4500999537821b538ff42531cee6b3a66c0939eca58029bc69207be4211e55d907192e4f26cc449f013c522b81981b45fcafa6b429c39db5734d56e2f0d8ebc1e1f2fa803935fdb91d971216ece9259bf8d02d92373c721ef783f681080f088920fdc82e45cf501c26d0fa6ed8a99ad2965ad2f47840b7d77e2201c7437d1540e40ee8fc7852db7532db4ba70d91946dbf4c4e3ebf72ca210390aac206ba9a041cf6acbd3951606f3154a2561d8d8a5d277d9b033bcc25615bbf1cdfe957db5a94791ad6e72c227ff94d6d934e35525405e9b279147bd5efce414ed82c2443dfc11d124180675ebcfded9f3b267703fb4c833c979f836e5ba76effa8b3ba1ad3d0ecea2860d4147f977ea682d7889c415ed1b4fc581bcbdcd5d0b0b1791ee0556580c992b4bc2ff89d9b37117e1b5a1a7420b388d327028fce1dbb6b3ae5d77e803d8b7a29abab717ef909da57246cc04c5d5715b5704c85586fc6e4ec91ad77dca8ca7b373b7ea4595697736c1383ec1b1d2664fc26818cecb51a4b568af8260048ec9e150251cdd5eaa04744952567ab4edf998a52dd1df7dfbaff3c7c5f73b23f15c93bf5a5fda155a597ec75f7eb116971ac2ff92c271a5b2b236660f744bef2e90af39a2fb6f787365cf7a033a72c9de1201d5f445fd9847d317665d3ae6ce63fab0009a281817dbd1f1af1a19cb21bc716691638a4865c98578e2eac7a67fae62c225796921c48f933b7505dea4f192fbb26fa0e41be1d1fee2a5877c9c8cc5beed64d2373ba1c776406f0c671cdaf020a7c2fc11eee0d1d3ce21ec349afe82f1007d73f76c673e60f261107c2e33da1f1bf39888a72916cae60597eb1d0e5e28e97c0d3dc798da195cb9048098116956ffb60e7d7d4c54ab891b1ec9b05396c5d3130b582b94ee0abe371d0e4c5a70d0651a2c7c50b3ccd91203067175aa5cf18df781bfab519f6a7e852185853dfc15cf5be149d81a7e6ada6f50f28d8e987b76b7015430804b9f3cd01439d9f91e7515bab61ade8f94e79ca0ce127a6059a6972f8c4772b252b7ac31ac392fabb14ef2dca3aa6123c3fb3c9a505be935ed8f067c9756a0928b2b5d5187bd3e802fe11f857b8e2413918e29b92aae26369f006d75979f79f2bb05e237cbc7db37b35705aac2cf1c4f8f4a3884ad0879edff08271dadccefc8d4833a3e60a0fdcdc7fbea37632d6d5b62ca9b930f4e8afdd6612c5c3b9200929143436fc9add9385d24aaa63ada9ad3a3f2aa4bbe5ad8a5aa94a1c1b6985730bd6b8d3ebdc50bbb8b23f8433c073a074aa2b91baf05122511126b20d2436ce050724c59cf0a364b1bb84891c0d745a8bfed34985c9e4f11e4b088864526de4191b52b12ad11a45ff4e83dded0d02081240108ec52743d68c2ffc53ad6947989940830eff749c6685af14bc5006cc56e61457f7128e85c2107440d4c3c7ec0bc7c42c29c1802718050af8f983f08fb5245c2926cc5d3ac6d10de1ac281ea06987860082cf39c780549a0d662ba9538c0c5d26b4072b1953e326458a0d2dbe7f72180fa529d792a355e66998ba7f631b94d4c6525060720ab308a2063a084f1fdef9d40a072b3401cf988d1cd415774d19173e9caec66399ef74b897ddd757c6249e462b6b2da35c9c652569ed3a57829038c8c797357c48dad8ca16b3aa86f79673c03c998de39ec442d0504a9796c83ab3678e445ec189574053455ce886f20c11ba63819f5afb968e3679704c27333ec1bd14adb5d643a24c7fb4837fb640e8be33826fa9fcead38281af1b727474662a60c36606df32359e7e9cc85acbd64d8dfcaa1f6ad255936d7a0ef9614983f2756b1138ea5900afcc66790ec6f8847f28292a6a59ecccae22599d1dd5f7a9a7f1501d73f6efdd1abe1cf63aa2d478a7871041879a25c468c2441fb4a34feaaf25d1b4aae86af17c565e331e14889bde4aa9dede244874f8d500f9cf2c597828b18566a4f99eadf1d66fd686cba492fd674abb492c79dedf6fcf54b4df9c50cad82680fbf2cc835d1ed6f046ac26e4cac3ecaed1a71258c8997c40499a704d14303d0121822db104e718a4196aa0cfec7eea542911e2576b91fab6f30695b13126c666593f29a5a4d0aa51d305cf2309e7a598e10e719f05e1d0b37507103aeb045ffe82c0dc5e0bfa449ec35240898b8af00dc4197b80fdba179aaa3ca547d510d78273f45bf0909bf5ee51675562af553695f24320584f239a537610cf0ad48fb6ee51be3078fcaa8606f6556e80ea3b004f92006d657c3f6a6d0cf6f9ba9d0f7e22c00d6c4648b9a717d7a0bf17becb5fa344c1f07ffc654fd2239dd9bce7f771762c08eb1972ea7129087f85d0fe394454907c89e337ff3c8b8fda57a0e0242b41e662706d0514e9cc82734f1e78ca7d50689e961279b6b7817fa9c7cbb981263d0f43a1d5616a9fb64898aa5f36e83a343c6583fd4991f3ecb980a7b9d71b1b992a8cabd1cc2429d89e4accca5f774221940c9bb60aca4a878c2a886f6bd2bf4cde6d474c67cff8845e0c0eb6aebb30e97c666f9090dc5a8f366a2a7b4ce309345c95a2c2d140ff7483212eb1698f846911cefff28ed705762a889a84345c69d44bd896d2a4cee82dd33c51a7c9081216985e99040b8e49a1897ad9c4bb5afe664661429303fadc32b7d8dd374899b98d8da262ffa3b2b8a0792124b18d19ec889d9dd2a03c52de5ea91c1258d50121dbd018c5994bdc778efef0292dd24e56b85b8059949144f5673e5452ff27f065a2ec1c36e93f49349e7fd25dfe345a8f2838d3800268c7e9c5a5f84596066360046157b8aaaa62546ed2a210d300bc5eef3dcb0385d3b9687ab85e23952111d654b5946b7b319b78eea83aab87a275f84e14509fe8d4e1ba9133b31f4323587180e3e0b60fd5e410421ede4912e6dbcc527baa276487b97073f9d72a06fa274732464eed1e64dc07e27b28e26fd82ff5dd984b74a4c32928e87bf9bba47bd9f54ad2bd679cb475726d34e3674cbc18f6a4d764aca50e401d0d03d9f4555fbb68b28fb1f2404d1b95766f6d20a258102c2d81e9a2f38ba9911a07ce83d406c3afdecbcdf611c3d6b6446f7826f6e88bef739a0081b233d1e37de46d810368d29de8c8b8e5d5d3fbb2026e280ee00ea62335b048528fa2e6511c3f3eea0cc983fdc3ea39437c67b8aa1d638fa52d9d87e98c0d4c712b851b8b5cee68831f1c4510ef6bc7ae3b751044f855000f03c94c63ccc7360160902b680b51f74924521fd660dcaa7309af9c732a4afb7ed8d4599580c495b6176a75aa58eac92d700b211ff8b80fa760f67b963a049191012205c061bef220b9329ea4963d37f341d71a5189da33f18f6f1db0a512f45927773b16c3a82a09df6cad09d06933aa1607ed02730b37054d7168df53672e45414868efb5483284c3914c8018a79e1e8a21dc794dfc81dc21da911fcb92a242b8206097fba752909ae0bc048970c12ff00f0aa287d223148d307d836ce8ce224c6e5748e44a0b4be9c0a02e79eb3b6f4789b833a0d8133806326b86ca3d63e07726a60c9b51ccd98fdf4607532975e88a3ebf53b9a4d2e5cd07fcaa8a5d0786556d630d6c7fb56c3f707a87734ca80f37042eff4fd90e2f30b9c4b9d7ddbfe57d7ed1380f345cacebd1995219228091853c345df6d88d306079bee47d0afbac3e2c5a005db3bb857b2a6ef65e882836b223086a86061a6d6244bb7d5cd0e8cf95c7df5865ea6a2cd66129aef46822478c7ff8bc0ab46e29efc37cff28bea25680e1c44f8e1d22ab8cf6f1dcc93a91353f688f9b36043540e9af993efb419a0df6ba27aa11897126af5af3899bc55e46be9215bb7ab91eff45105319397ce81ddc1905af89ec7ed822dd5d8a8736ed2371f7c719c8a64c5b890556169de70bedb767a5e5c59a8b16c3afd3759e88c137f73ad684d85957dead56858a76db507cc1162e32fdca3695199eeb6a9ee7ee0aff27fb4bd615658b303b328ce5ab5b981ddd2754bf883b8dc2271ad0f916c7ccaf017c95223887d914948ba6b5a8d7be2f0d25c06b4359a8b58c051bc2d58e0ab8834d497c1551f70a8b7f574b6e972bf00e86c521bc077b0d8dacb6df441a1d21b59e3035105d73cc62d453f9efd6fb2be6157980a07a7594656dd5d9e1ec2261b201bcf78db49391f89d2bd16acb92573538e14a2824fe8378442f7c3334dbd5010ba184457af095cd1ba89c802e75bde9b8e953a4c2fe5bf21a33727d16fe15b92b78aab0e1bc598bbcb0f1b58c2e6bdae78c61fb2b1fecd5957ece3c05860f93d0e3e24766ace164cfaf1830db896857d2d23c3af9e2cf595b1f0b47fb407bcbb8a60520eec3d5971258536d1a2a794660df95e1515f5be069ac68110aa311c610c83cc2c031c02dbdd51e6d074ee3551e07f6ef1207b85aabded03b8151ecee60ef753e2916b0b2369f68ca6be3681b90a9b9217191778502e2a3e36dce202efdc69e3fdb4824c24784949f39978bf2fd9d7491cd394555b4fd767a716c3760341c520dd0daff4349dad0d58e1a5ecbb26f70b3033fbdf0feebb409918db55f9fbef7649597433ef591006502da93b469619bfe724151bf7c0000bed7aaf5a6a5c39dc1ceb2b1d8f132e224d3a7dfd9f8a985cd5c6eb34b6875eb82eacb96fb661d80a74c14bf760490b05839fc30374de26d537e1607e4ee5b6476778a1b8e035d8b4b2a3f032262948be355d759716b328283f901913311a99f40809c2230603975d23cea54a206f783640ec20ac7bbd662b7e983e193a34c6defa4fe89b9d9e6614ecdbf6e4de522ba20b842780b215ea9abc342b5ac1cc57746d55b0b536766bf2ebcb1ccaa01f89e0f8b7b9b5783bd5ec9bdad7f3fa340ab5c5bd8a908982fd60c6ad1ddd10c7a965e28a0695d309f5fabb69657046f0cb06ed036ad9c153e74d2aa1dcb2d583a4a4b25918c3c24c16afeef9314efe5d4e51a72248031f4ae81e9623eb4360365ffe7aa03811b203664084753181faedb24ce473559e196f0274a60fe67407749e0b715420"}, {0x50, 0x88, 0x482, "5241f0d4be8c237e84403d3239d7aeb82ec3573d46766f25e4986312d55e511a2d16b8074ea05f36440429d4de4035f2b6efc6709ccc224a0e219bffa20c53"}, {0xa8, 0x114, 0x4, "4daf8a132cb8d49690d466c8c06215b319d08c95cf06aa561240e30b1267f986f98d9c804703291714ea17c330d48107e089226567a1998a29d41ac1fb0801f0b8ddb2d14c1ada29b3f2db7008f0ee814233c89bfdcb627b0158eda3ca5dd88c277488d93c7c72c5248523e35de6ff6642192de1ffc2db81955b08a02c2f1464704655c747a641ea1fe278ddf69304f22b794692389e"}, {0x80, 0x111, 0x1f, "651fa8fa0b2e896011c4107b33a7a2eef563c2b537244caa1a07ed414eb4cd8fe9294a5e5d6cfc7c376ad74c0aa39a5c34f239e39c33de1ec19980538c100fb5f22604809e54ab145892e7fd35fd2f39e05c3df9639f705f7dd275d6970b5a18fc48ad11d6d853a45a3d"}, {0xb0, 0x1, 0xbd9200, "a17514b9a44bf7b6de8e3b07ccaa5797333ba78aa00cbeb6193b0c32da38f01a5a8ef74fad2ba992de9de186abd650d82827869a2ed217e6982a1429124f907ad71dddc97726121ac69fd6e6a2820a028e64190cb781365531b1e9c876dabc994e4fd1ca830db94c6adfba933b4ad3437518cbee3b644189d1fd6bfe74b06bfada575ab21008890e3c9d81911ad3e9464772dfaeb3a3b055ebafe8"}, {0x98, 0x10d, 0x5, "54c378086768903c106c671e9d3048e61c8e46779b057fb5009b8153f5e22e8edebc6b51375e3c6cefd0c4ffc1d7024190b0e0d8516412aa4a2dc8955ca344e3a34055fa496ab8bf7d5d49d7d12ff30529535455ec6417c82762e7605f135afc2904d51f82a2e3a3758f2c0bc759ad1db6205507f8bb52c0d4f9f8f66a7fabb474ebffec"}, {0x1010, 0x10b, 0x5, "18ebaccdb5e5172d826c099009ba05bed349b9e5449f6cc1a5fe781850dcedd1f69a03bbe12070f6e827858d1d6a87ea139954017e585ac9fdb38d9dec6dcf56b254a57221ed046ae468560ccf4b770984cced368da4ab271ff1502073ebc9d89ce5d8a486d99e1882ea0877b3a31fff06223c7dedd25d740c94bb457e4aabc4e8edb136c33be3e8fdec45b098973302a08f3be3d6ecb88625622ddd921557e80ea7d571f509584c9c52a84148e8440f0b6ca6af59dae37fee73bb0e3e43c8044533d806030a326db762da854b8b2685fd83ee539db2b2596194ff9239336b03aeb6311c3eb8bbb58101650e107f97d7686310dc25d5a64d67671966e0f52c67aee494d128f850ab635b771e4993d4b0f730e7f47bc7bcef8026c6467298d4c3b59f4729b0b7bfb9faeeb414b9c6f1a7754291b99a6f5c78c3937e1cc15911118a1f580b1bb9658ca335a3a8f87b641f03defd3850becf8a15bab82e34f6d2123756e4d4cfb8b9d5396e81cbf891c9924fc2f7f26a26af85ba04f50b0518bd2cb6885991ae9fbb26eae6515594ce1c7647f5a7fea0a2f6772348c08926b162213d05d0c5b5d358b7fbd5cd28b8e96f09f81730e3ad928aea676f3cef89bbc8f2c2ae1dfc9b08c3f318509420ba9ce99d889af7510e6a72c3aac8cf41a3e9bb6e6c191134ca39b7320e612f81e52f1699928d739c6e7616f82270d2290ed1579a19f913f0b4763ab8f7b195e1fc3d99714a5225eacc7163086be0b9c0f51ac3c7b521833c49672cd3b8a788ada7d2ac2fc0dea41c48325aa25d707ee020801f9fc52b63e7c1922baf38978c77132bd9bdc5ff0b57f728ac6186ee0a60e59d187c0ab0abb31d68ec51f61f4bc2e93ab4a65bf03c28733c7a5fd3b286d2a7e662c02d537ed913db1c98ac409213758d03d0c50a89d7ea0868b9d978843ec26425cfcaed68c8eca50ddbdf79558fd49ebae7ee2b3c5e6a61fb77a94cf6411381c10cefd1bbb7bd4cab0cd46fe7f092a9bace14ff2c0bcef87dcf87d496136a6560d18b3ad1ba8cf25370afef7868d8d6eb5cfda8fde82183c0dc943c3fc2963c17244167fe69a5c7c2b24acab21a1252e06207c0a96ccb98f5282bb3c0d325c441dfa5235928f4fedf1a6b4565044c1ba0c04aa37421eefcc18d67b839c2e113d55be6f1fae3d404e8dba4c37e8e60b8588802d50888bc67e0931652fe6d6c3f9388a15ad1335047d30fbcfd0c53f4b94d10adf2a4277bda576c77bd66be5abefd6a45a31aece033f6744d87c64098998dd802be0d18497053e02b2b5c536c879e8ef01d15a5914f950cef7c207cb9268328adc825b987bb2f239697a88a86a7b0f23dd2000b17243635e52b17eed2dc1310cfe7c425dd6cd16611ca7aec0850d570576e90daaa891f68b6d8292be187dca8c73338725d836977b970789f1a3bf82962ce6eb2bb793bbbb26264f7ab0646103b724bacfb2fb12a2287ba3cd5da44a31124bc44758e8b0e79c0d37a700e62ca7a9c74689267c189e23b8709ee078a0cd95cd83f5aa62fd0ef97391ff1f7ac67e85a8d695aebfc0a4c77ec8d60b852718216c6bcfef720d844ac33faaa06b1dddac6449da5b3503ff075be026eb7810331312eee8fa7ad1014006b0e9007edbe48eabf631e3ad654e4cc68e6c1b839520465a6ceab741f8c77b7a26f7f4544648efb750ccd3eb01bfaf9dd0519d1a38dd8597c4321740c2643e25991c43b4d0ce279fa7448918309e76cfdbfd4359c41644dc0d701fa047ea6a4ddf0790b209b7be0467be21343f8e03a17eb8f0656a6952ffc24176b5e49f10eff4d3dd422e6559e2cd814b7f0e508a8a378786d1235e2f72908f8a73b869909774ce590a959a23d308b3df25d13e210d43ee0d1e0ee044b57015ae6d771785ba35fe0da6487b4d744f9c31a82c30d2e59d05b081ceecfe6c332301c9d47d5fe92ffdf411a59322b839155f4204c8b058058bfebe6560034ef399c85cebb85567a0a1e0f78cca7a5531cea503515c84ec24c216563d3af43ce946707167b17635ac99f19413b280ced62358b0836de76240faf12cde6be5f2fc554a14e6c19074dd2bf67e251807d80f71d78e084e4a9a0b44fc2a593affc65dba73e06d191aeac9659620e9f007166094755da30aa02f74a78189a10b99086d8ca771f327500b7d012122f036ebae884df478ef5e0999885f4edc65fb956aa43fd4aecd6101f9776558c7ee21ca61d0775ca0d4d5014f67f9dbb0000c73317da155c5a14ec0c3bb6c5bc79a7213cbdb584c45d90e1f1fbbd9bd803c655228a0072fed63526722605d6a21958601a92be61e147c0ce8f3a68d924e42b7eee6ff81fe102990c5f7ff06722b560f3749c82a05d0eb1f70c5f6812a81b52297fe4adc2192025ad026db344cecd4b2d3dac287f641262f204f0ba81f18bc352eec9eb5a56634de21271cf1661efa8ad03fdd579a4e13ee2d70abb8a416a1382ae6b0f9fcb88f5854fb830bc3d80ed7d6f6084167d92eb9df9956d4f92b51204a63f117e67e152e74d72778fbc7c280c2e9d53167b931a2b5306d1a2b5a0085cebfd09f8ec6ed1d73a2b5dc041f9a9d9b4caf3d58054d3420edf6bacf2cde22fdd7e1e027a48b3f12d04708bbd567be10eaef9ee58553b4f03f7cbbc1b630ed71d61d521e30d4f9fe13e3992bdbf596582fb9eb763e4deddc9ea9e72e9d8fb4f8a238b659d67e0ca45dc20f8827d8769ae79aceb7df5e5aae19d60c14710baac4b76f76877cf870d9a6c3f427730d0296d79a7c845dd2d5406d2c9bc60bc9c32f06fdc451dace8618403d0fb9c4abdefd57f1edf7aa2ef52636b31bafdb7f0dd9c3c995a476066945de129ca020d11b9d5cb5660d5e05143489cd9961f1030314c03c78b2cf9a94ff8c3348791cddd1ef109759d869ec0c90c5d22895da33b883cf4f2f565e7ac227825c53884062085dde21a82d871527b77ef7b1f66d4a9a63e8f7232dc52e582eea538ceba91cd5396e7c573dcaaf3b6e9777c8825ce0f0c67e679710d8aca3b06d309ddec1fd2c8c0a2401cafd8eee837673326591d79af10c6f8e9a439f5fe74403f2bf0cbf5a26c91985573ebb7f4c0c579dbf88245bb80898e094691e1f1e697621c3aef32f66a01fabcc608b17908580718463d86f3b36eeba69f7a039f7a0ba96bd6b91db7c5afd1be8cde7a779cecdcf4e0c7c8ac5ecd9f00e114af4ed153d253705eab65791fddf768f95773f4c6f4d2e65436919d838e7080fa8e53b0fce1a8636b3e6dde74832c9d8febae40b2442512541fcbe7dd63cb01d381d23adb73837906513f85116e97d6a4ca832c34af06a39789cff1ec82e50bcdf6a233a7acb8a053521806c3a5f0c4c7f0df175bf4ca83cc957492a7662d552f914029600739054edb3eaabbfdf40527b61e42d776bf7df57bbdc5ca9a2d8a81af29149528742002f72d7a039b793d787b03dde0ec32f8d2fbd2208b93129e26dce4f9315137327464536a7a77e75e81e0e5e8b1547e8049c750573f22deca15a792b841eac5d89fa309ef51254f8b7e58cd8a187d9243d208a7da51156f256ca8c054bce45e71683177260bb91cf5c6bf90ec32151a642a0af6db718755c6f006f2df34096b02b77da40a454cd44eae4e942579b84265009e2fdcbab9a1d885f070b110aee070d043f54a06bcde6df026e43d6b96703b6ae3ee7c1e6bb5f73c38276556feb114b5505f9b484c58c65c113e3e0d3dcbc9d0859e1cce4ed2e96e17e8a24ce3859860eb877d0844edcb15f89e9d4cea65dd41d617329cb062dcb14a2e430710fac69e7b58a0e04d729eddfd27198fb58e49caa935bcec3578cc23fa69a915aea6c3c62591bae6fe70bc91ddc65c76b976064180cb39e3ec847129bde7b9f28e409d521188f2985cd2b7b9fedff9eb6844e3514fb4cfe83bca88807ccc0dca436d5e3874753872a6885add616986ce98dde1b724b100b515ffaed7b8a5274f4e500a972175f7d62e4e5d77690f4ae74c4fa989aa3112f6eceb4f524ec9a0cee58ffb82b763deae78457f53fd8d5c8d058fa8397da2c2ea079ef21d3ff73710bf06cfe6cf5d0d5915d4af4fb02ded5928e4064b46eee329b8cd5254afc13a1fb5a136073d6313a0fbec61d41c579be771f5dab72cd364e1d345c14ce8337911cf636b2f805b28a0338606a7357662f30eb392506d6c4523c55840957f31cec54755e19ce2b0f862dcfa3fbc0312c59ee03273593bb8392013549f4ed1062663afbfc5e17f2b8637d8f1ac2747ffbf2fb20c36190fd7528cc6e65367e3127421608947da7ec9b76b61784203845aadfafc3c405a0b9400cc8544af37c15b9ad706ca51450a8e2c779c73818fbca0567ccdcf99d1e779b419b5f863040a215135ac25ef4c929a8338457769a720d9e11e612861042992b4f41e9eb22714524941ec77f8d9b0a4ae7c06fc65b1ad2b2a4d2a2431d9dcabcf95aedcc4b5428f61f6c52b9c84ef50342ffe077ca1e9d53bf3611ba1d4361a1dcc41d3725244cd674ac7e2c61ead77da21bf4136e730259f0f820bcd4f1dfd7a93562bc33fce9acd61a52368e2af08b5927b8cb551d4be3e0c911126673bff7e4734c66956a4a55ea82478935fe0b8c07d0ddf6998ec6f5211c88d009bf8b2c73799b5a2f6568a07cf2a78abb172b0b8a0ff64c4518efca229b0aa53f00f3bb5ede32d9c3c6d2d705ba0bf0365ebc57aff3c41d68cfe1ed1544e0c0bd211447218fb0e9d3e767593e5bc6b21ab59da1211eb6cb162e3040cba798f773e016182be02cdf7e6742da3258cbf61d67962055b7c787b14919a21e21fce2e1c8bb05ac37bb4d41d57d57b799d34bb534fd382fde30c542ec58d77ae466eb446b50246211b4d59ca6a89a320835d9d593815c99612c02770dfa15b6cd9701b44c16f61e1c0b25e75df68365e1651f19dac2b578f68057a736cbcf4f546ab6eaed193326d5fcee064130fdef4aec81864ca4e9f7a34969a86ad3f8cd09eff30bf32459994c2ce2c51cb6581227434bc81f72053fbbd9f5cd76db97d1683bcc8191eb7d37df840fa43825dc2ea7f924636a0089d92e822e99f4f32cb508e14193e1e24e58e53dc90a8932581801313ed8bfd977b4a0aa836e43e35a545f2f2843183ac66d8f83fd3957558266d43c069f508b8cce43745d07b402127a062cc196c6a7a2e8aa02cb03d6f2c7128ac701439aab827f637fc4390bead5149483706a3cc04ed37f547105e4f16c224d336bb46e0393a8b9984f579a34ca70449e561c6ebed09e734c5e83bc329e348e4d14acbe96fec67de25630ca109b56083482bce497cc0056c2cbbbc03ceb3b920e2305dff06c23075dc6fc9394f03400f4f9d4f7ee81be14ea7e8df54158954b2651ddd370d6659d5f9b55d776a75042e4283d97e71b4aa2680df2a723a1a2339eb9f7822d34a4e0aad92ce01c06953fba5f982361f50d15851798e45addbf0c82174f9f7dfa2f36dbd747c17e6364a0d13aee53ec5cf15ffac9e8c6f4505cfbe9ea4f7e13b4c663dbc9062911781d61797b17930bda6af11d3813ea9b07dc86066320532e57a6acc76b8ae5b4080bf34b843257d1cd02305d53bba0651930eb469e2607ddf15d8a4a7a9f4635cd03cb34a75bca863f73d59916b69a7477234c4aabbda28f1488660afda7ad5e50b021612edd67c4333671cb243bbe11c8253953e9b7aa2cb79a411c05a804a7a7cf928d429e55f4627de7ecea6da53dd6f869dada9d565487e2ea27518c881af8263c5ceaade4d"}, {0xc0, 0xdb0423eef068690c, 0x8, "c98b551fe03005d5001cb0a1f44be7662f61cea79a710b5440aa1cea12a5dedfb5171b1409c3d1d6998567f3d727ced27e79eff8e1a73e917465c19a0f3fe29908ab7fca94a50692c08cb45b840b45ed5b888c86b7c2aeb5b945a6370012bf530200685ece5282cd508fd2fb73d07175000bdd79a5502a1873ce465c1e4cd4ddc193d3214440bdf967dacb3bb979f0ac978601399b660ce4b70d18773d1f4c89c914fd1d407d7575472e822a0c"}], 0x3440}}], 0x1, 0x22000001)
dup(r0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1214.205860] audit: type=1804 audit(1586318074.748:142): pid=18086 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/301/bus" dev="sda1" ino=15924 res=1
[ 1214.319899] FAT-fs (loop4): bogus number of reserved sectors
[ 1214.328752] FAT-fs (loop4): Can't find a valid FAT filesystem
03:54:34 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(0x0, 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1214.755584] Bluetooth: hci0 command 0x1001 tx timeout
[ 1214.760913] Bluetooth: hci0 sending frame failed (-49)
[ 1214.778926] audit: type=1804 audit(1586318075.318:143): pid=18123 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/324/bus" dev="sda1" ino=15810 res=1
[ 1214.894990] Bluetooth: Unknown HCI packet type 5e
[ 1215.225417] Bluetooth: hci1 command 0x1003 tx timeout
[ 1215.230747] Bluetooth: hci1 sending frame failed (-49)
[ 1215.305510] Bluetooth: hci2 command 0x1003 tx timeout
[ 1215.310857] Bluetooth: hci2 sending frame failed (-49)
[ 1216.825324] Bluetooth: hci0 command 0x1009 tx timeout
[ 1216.905376] Bluetooth: hci3 command 0x1003 tx timeout
[ 1216.910799] Bluetooth: hci3 sending frame failed (-49)
[ 1217.305284] Bluetooth: hci1 command 0x1001 tx timeout
[ 1217.310703] Bluetooth: hci1 sending frame failed (-49)
[ 1217.395233] Bluetooth: hci2 command 0x1001 tx timeout
[ 1217.400567] Bluetooth: hci2 sending frame failed (-49)
[ 1218.985281] Bluetooth: hci3 command 0x1001 tx timeout
[ 1218.990618] Bluetooth: hci3 sending frame failed (-49)
[ 1219.385099] Bluetooth: hci1 command 0x1009 tx timeout
[ 1219.465123] Bluetooth: hci2 command 0x1009 tx timeout
03:54:41 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[ 1220.891047] Bluetooth: Unknown HCI packet type 5e
[ 1220.891071] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1220.900288] Bluetooth: Unknown HCI packet type 43
[ 1220.927123] Bluetooth: Unknown HCI packet type 5e
[ 1220.932640] Bluetooth: Unknown HCI packet type 50
[ 1220.943552] Bluetooth: Unknown HCI packet type 5e
[ 1220.949198] Bluetooth: Unknown HCI packet type 40
[ 1221.065018] Bluetooth: hci3 command 0x1009 tx timeout
[ 1222.904812] Bluetooth: hci0 command 0x1003 tx timeout
[ 1222.910150] Bluetooth: hci0 sending frame failed (-49)
[ 1224.984843] Bluetooth: hci0 command 0x1001 tx timeout
[ 1224.990207] Bluetooth: hci0 sending frame failed (-49)
03:54:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffe000/0x2000)=nil)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:45 executing program 4:
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x40041, 0x0)
r1 = dup(0xffffffffffffffff)
ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1f009b8cccc7a1d514c5cb2a08", @ANYRESDEC, @ANYBLOB="170900000000000000000100000005000700000000000800090000000000140020000002007abcd6d300000000000000000108000a0000000000060002000100000014001f00ff010000000068ddc02a2523f7f5"], 0x3}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB=':\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000fedbdf250800000006001d003d0000000800180000007fff06000e00ff0f000006001c0009000000050004005300000006000300020000000500070002000000", @ANYBLOB="682bce2e8954237c28466e0688060df4e31be24027871ff4c363ceac245ef811cb5893bf4a326dacf5d4fe828d05b21ddf84b9d9772ba083924e0e4e905c4f61a3", @ANYPTR=&(0x7f0000000340)=ANY=[@ANYRESOCT], @ANYRES64], 0x6}, 0x1, 0x0, 0x0, 0x10}, 0x80)
sendmsg$L2TP_CMD_SESSION_CREATE(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x64, r3, 0x1, 0x70bd27, 0x25dfdbff, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'ip6gretap0\x00'}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @dev={0xfe, 0x80, [], 0x20}}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xe5}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000001)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040), 0x0)
sendto$inet(r5, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00003cef9f)='7', 0x1, 0x800, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000025e000)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=<r6=>0x0], &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x6c, &(0x7f000059aff8)={r6}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r6, 0x63}, 0x0)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000280)={r6, 0x3ff}, &(0x7f00000002c0)=0x8)
r7 = dup(r4)
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:45 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r2, 0x4008ae73, &(0x7f00000000c0)={0xfffffffd, 0x6})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:54:45 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(0x0, 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:45 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000000480)={0xa4, 0x0, 0x7, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x9d0c}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x1000}, @NFACCT_QUOTA={0xc}, @NFACCT_PKTS={0xc}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x80}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x5}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER={0x4}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8}]}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x6}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4800}, 0x84)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ee33adfdbe08b8c5236b93b9f98408dc4eff01eefd579f32cc7b4409f6e370d1515d2e1fa6320000000105772981a5e61b77efd66a1c73c2c640d8cf037ee107c28dcb7dc387d377eb5a0343ee471018eae6f2159b19e6eb74e2a9242c39282695839e0eb674744638977c4ea74615e353cc7b7b1a4beebb8bc9295ef639ca7343459acbd9ea8e7aad0589e514e2311272a148b0bafb4c6a35d899e0b06a64dd423f2c0c92b9851be067544970edbd236b76bc673e7b76bb0dc48522a98bc1177ff2305368088ee10af9cc29dad14a4789779d2fd33ff6c6b2ae88b197d9da56db2ceb468004cdfe36e6214b0005d89ab51603a73a9cb4830358a143660d844485ac914e99388819c04822370dc5d843129db3a56e1e24bde324426d14f9e65383f31ea76d495e324db33ed14280bdebba07ee268acbd61e7b8f13d34e7c1fb224c4ecf10db58ef30be4438103af92386465819c6083bd912f46914fc918e0439fc186edcf7a7bd38cd3e450f392704d3c3d98bebd1e77239f6d637b666038e271f69437edfe4d4061165a92063ad59174d486ce166d786edc6e5505142ae764c18fcf68ae688433388d3f5c34878e41cb4bf5fe2ea46dfaaebfbb1e6543bfeabec7b9f50ef67f7500aa10b7016fa48227c10d56", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/mixer\x00', 0x440580, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r5, 0xc0044d1b, &(0x7f00000003c0)=0x48)
r6 = open(&(0x7f0000021000)='./file0\x00', 0x14000, 0x32)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003740)='NLBL_UNLBL\x00')
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r6, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x6c, r7, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_SECCTX={0x21, 0x7, 'system_u:object_r:fonts_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x2b}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x6c}}, 0x0)
write$P9_RCLUNK(r6, &(0x7f0000000280)={0x7, 0x79, 0x1}, 0x7)
sendmsg$NLBL_UNLABEL_C_STATICLISTDEF(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000400)={0x5c, r7, 0x300, 0x10001, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'vlan0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x29, 0x7, 'system_u:object_r:ldconfig_exec_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @broadcast}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000080}, 0x2000c000)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1225.367609] Bluetooth: Unknown HCI packet type 5e
[ 1225.368711] Bluetooth: Unknown HCI packet type 5e
[ 1225.372724] Bluetooth: Unknown HCI packet type 43
[ 1225.382516] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1225.388315] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1225.414036] Bluetooth: Unknown HCI packet type 5e
[ 1225.417979] Bluetooth: Unknown HCI packet type 43
[ 1225.452771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=18181 comm=syz-executor.5
03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(0x0, 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1225.461832] Bluetooth: Unknown HCI packet type 50
[ 1225.466518] Bluetooth: Unknown HCI packet type 5e
[ 1225.483520] FAT-fs (loop4): bogus number of reserved sectors
[ 1225.497031] Bluetooth: Unknown HCI packet type 5e
[ 1225.506726] Bluetooth: Unknown HCI packet type 50
[ 1225.511075] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1225.519108] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1225.519268] Bluetooth: Unknown HCI packet type 5e
[ 1225.531983] Bluetooth: Unknown HCI packet type 40
03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1225.561344] Bluetooth: Unknown HCI packet type 40
03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:46 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1226.627030] audit: type=1804 audit(1586318087.169:144): pid=18230 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/325/bus" dev="sda1" ino=15810 res=1
[ 1226.746703] Bluetooth: Unknown HCI packet type 5e
[ 1227.064429] Bluetooth: hci0 command 0x1009 tx timeout
[ 1227.394404] Bluetooth: hci2 command 0x1003 tx timeout
[ 1227.399852] Bluetooth: hci2 sending frame failed (-49)
[ 1227.409533] Bluetooth: hci1 command 0x1003 tx timeout
[ 1227.422259] Bluetooth: hci1 sending frame failed (-49)
[ 1228.824205] Bluetooth: hci3 command 0x1003 tx timeout
[ 1228.829623] Bluetooth: hci3 sending frame failed (-49)
[ 1229.464207] Bluetooth: hci1 command 0x1001 tx timeout
[ 1229.469471] Bluetooth: hci2 command 0x1001 tx timeout
[ 1229.469515] Bluetooth: hci1 sending frame failed (-49)
[ 1229.476293] Bluetooth: hci2 sending frame failed (-49)
[ 1230.904115] Bluetooth: hci3 command 0x1001 tx timeout
[ 1230.909507] Bluetooth: hci3 sending frame failed (-49)
03:54:51 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1231.102943] Bluetooth: Unknown HCI packet type 5e
[ 1231.102995] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1231.108265] Bluetooth: Unknown HCI packet type 43
[ 1231.128274] Bluetooth: Unknown HCI packet type 5e
[ 1231.142652] hfs: can't find a HFS filesystem on dev loop2
[ 1231.148872] Bluetooth: Unknown HCI packet type 50
[ 1231.158849] Bluetooth: Unknown HCI packet type 5e
[ 1231.163820] Bluetooth: Unknown HCI packet type 40
[ 1231.543989] Bluetooth: hci2 command 0x1009 tx timeout
[ 1231.544035] Bluetooth: hci1 command 0x1009 tx timeout
[ 1232.983891] Bluetooth: hci3 command 0x1009 tx timeout
[ 1233.143851] Bluetooth: hci0 command 0x1003 tx timeout
[ 1233.149287] Bluetooth: hci0 sending frame failed (-49)
[ 1235.223749] Bluetooth: hci0 command 0x1001 tx timeout
[ 1235.229097] Bluetooth: hci0 sending frame failed (-49)
03:54:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:54:57 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:54:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000540)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000018c0)={&(0x7f00000004c0), 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x14, r3, 0x0, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x109001, 0x0)
sendmsg$NET_DM_CMD_STOP(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa062284516979ee2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r3, 0x400, 0x70bd26, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x480c4}, 0x810)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
recvmsg$kcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000240)=""/201, 0xc9}, {&(0x7f0000000340)=""/148, 0x94}, {&(0x7f0000000400)=""/37, 0x25}, {&(0x7f0000000640)=""/164, 0xa4}, {&(0x7f0000000700)=""/247, 0xf7}, {&(0x7f0000000800)=""/197, 0xc5}, {&(0x7f0000000440)=""/2, 0x2}, {&(0x7f0000000900)=""/115, 0x73}], 0x8, &(0x7f0000000a00)=""/112, 0x70}, 0x10000)

03:54:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x7)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
ioctl$TIOCSISO7816(0xffffffffffffffff, 0xc0285443, &(0x7f00000000c0)={0x6, 0x1ff, 0xae24, 0x2, 0xb1})
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000280)=0x8)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x80, 0x181)
write$vhci(r4, &(0x7f0000000240)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)

03:54:57 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$BLKIOOPT(r1, 0x1279, &(0x7f00000000c0))

[ 1236.880638] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=18269 comm=syz-executor.4
[ 1236.897948] Bluetooth: Unknown HCI packet type 5e
[ 1236.898074] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1236.905923] Bluetooth: Unknown HCI packet type 43
03:54:57 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(0x0, 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1236.934501] Bluetooth: hci2 sending frame failed (-49)
[ 1236.940950] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1236.964358] Bluetooth: Unknown HCI packet type 5e
[ 1236.969263] Bluetooth: Unknown HCI packet type 50
03:54:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f646f74732c6e6f63b68465d5c65c917ae96387e3ea6b4a0ef1630050b20fe7d9e8fa3a9e82131b9e9822fee43b363a247d24da00cd1fd9a616b0ab95ebfd5d34399f020a87676b036cf9efd5f9f660e871c5f1cf02ff78e14ed6722c151b44503f568100b3fa3bbe59da20adcad65617d60f43f3b17e589285faa84274604a001734e52e99b01679d471eae730f9648c4edbba74128b815e6a73d407bd1d6d2cc87a597ed4bbfe4f6301425faa81386e2249b8bfb7f2c03bef0e1a6169099e8980040dffe2457ab2e27fe1585b7c6e4f2d2d7175aa3a95e6d2c611f2cd4b06410619ff2d13ae7c6f5867e77e3446bd39f5634eba74a9394526d39f"])

[ 1237.002341] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=18279 comm=syz-executor.4
[ 1237.013717] Bluetooth: Unknown HCI packet type 5e
[ 1237.030409] Bluetooth: Unknown HCI packet type 40
03:54:57 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(0x0, 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1237.130525] FAT-fs (loop4): Unrecognized mount option "noc¶„eÕÆ\‘zéc‡ãêkJñc" or missing value
03:54:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="d57f000019bb620b8f1216"], 0x3}}, 0x0)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000040)={&(0x7f00000001c0)={0x154, r2, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x4259}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x709b}]}, @TIPC_NLA_MON={0x1c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7c}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc0}]}, @TIPC_NLA_MEDIA={0xd4, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffff745}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6e90cfed}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x2}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x20000810}, 0x20000094)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:54:57 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(0x0, 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1237.304072] Bluetooth: hci0 command 0x1009 tx timeout
[ 1237.313673] FAT-fs (loop4): bogus number of reserved sectors
[ 1237.319683] FAT-fs (loop4): Can't find a valid FAT filesystem
03:54:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000000)=@bpq0='bpq0\x00', 0x10)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
pwrite64(r1, &(0x7f0000000040)="36162e09496c56bc84b98d55fd62c889b863354044167c84199573f032e05c6d800d07b508aacc676f57c650d6bba7a5b960a4055d1b2ab8ef2bfb38e8331710c5a1fad4aa369045c627eaa9ace588951c234b4b5213a46f5449925f8a57a9d421585632829076edca70aedf67911866524677b5d41e913ef3ee645a2cdaa6a4db1fc2336b9875255048cb0a008aee8e8df0b3b85c82aae8c28613133831a6855614810972", 0xa5, 0x5)

[ 1237.461999] FAT-fs (loop4): bogus number of reserved sectors
[ 1237.473930] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1237.537635] FAT-fs (loop4): bogus number of reserved sectors
[ 1237.546021] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1237.832375] audit: type=1804 audit(1586318098.370:145): pid=18333 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/326/bus" dev="sda1" ino=15810 res=1
[ 1237.952435] Bluetooth: Unknown HCI packet type 5e
[ 1237.961069] Bluetooth: Unknown HCI packet type 43
[ 1238.913320] Bluetooth: hci1 command 0x1003 tx timeout
[ 1238.918655] Bluetooth: hci1 sending frame failed (-49)
[ 1238.983351] Bluetooth: hci2 command 0x1003 tx timeout
[ 1238.988851] Bluetooth: hci2 sending frame failed (-49)
[ 1240.023277] Bluetooth: hci3 command 0x1003 tx timeout
[ 1240.028702] Bluetooth: hci3 sending frame failed (-49)
[ 1240.993225] Bluetooth: hci1 command 0x1001 tx timeout
[ 1240.998552] Bluetooth: hci1 sending frame failed (-49)
[ 1241.073187] Bluetooth: hci2 command 0x1001 tx timeout
[ 1241.078545] Bluetooth: hci2 sending frame failed (-49)
03:55:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1241.350928] Bluetooth: Unknown HCI packet type 5e
[ 1241.351180] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1241.356020] Bluetooth: Unknown HCI packet type 43
[ 1241.369698] hfs: can't find a HFS filesystem on dev loop2
[ 1241.380509] Bluetooth: Unknown HCI packet type 5e
[ 1241.391378] Bluetooth: Unknown HCI packet type 50
[ 1241.397234] Bluetooth: Unknown HCI packet type 5e
[ 1241.402193] Bluetooth: Unknown HCI packet type 40
[ 1242.103056] Bluetooth: hci3 command 0x1001 tx timeout
[ 1242.109407] Bluetooth: hci3 sending frame failed (-49)
[ 1243.062986] Bluetooth: hci1 command 0x1009 tx timeout
[ 1243.142999] Bluetooth: hci2 command 0x1009 tx timeout
[ 1243.392976] Bluetooth: hci0 command 0x1003 tx timeout
[ 1243.398395] Bluetooth: hci0 sending frame failed (-49)
[ 1244.192868] Bluetooth: hci3 command 0x1009 tx timeout
[ 1245.462802] Bluetooth: hci0 command 0x1001 tx timeout
[ 1245.462882] Bluetooth: hci0 sending frame failed (-49)
[ 1247.542610] Bluetooth: hci0 command 0x1009 tx timeout
03:55:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:55:08 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:55:08 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x5, 0x0, 0x0, 0x3080, &(0x7f0000000680)=ANY=[@ANYRES16])

03:55:08 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000240)=0x4)
r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'batadv0\x00'})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$KVM_SET_TSS_ADDR(r3, 0xae47, 0xd000)
ioctl$KDADDIO(r2, 0x400455c8, 0x4)
setsockopt$inet_dccp_int(r1, 0x21, 0x4, &(0x7f0000000140)=0x80000000, 0x4)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$UI_DEV_DESTROY(r1, 0x5502)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:55:08 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDGKBENT(r0, 0x4b46, &(0x7f00000000c0)={0x20, 0x40, 0x3})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1248.381095] audit: type=1804 audit(1586318108.921:146): pid=18373 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/209/bus" dev="sda1" ino=15917 res=1
03:55:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1248.478400] Bluetooth: Unknown HCI packet type 5e
[ 1248.488751] Bluetooth: Unknown HCI packet type 43
[ 1248.495075] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1248.495721] Bluetooth: Unknown HCI packet type 5e
03:55:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='e\x00'/13])

[ 1248.523700] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1248.562458] Bluetooth: Unknown HCI packet type 5e
[ 1248.567360] Bluetooth: Unknown HCI packet type 50
[ 1248.572213] Bluetooth: Unknown HCI packet type 5e
[ 1248.580279] Bluetooth: Unknown HCI packet type 43
[ 1248.590496] Bluetooth: Unknown HCI packet type 5e
[ 1248.607795] Bluetooth: Unknown HCI packet type 50
[ 1248.613655] Bluetooth: Unknown HCI packet type 40
[ 1248.628563] FAT-fs (loop4): Unrecognized mount option "e" or missing value
[ 1248.631842] Bluetooth: Unknown HCI packet type 5e
[ 1248.650681] Bluetooth: Unknown HCI packet type 40
03:55:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:55:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r2, 0xc008240a, &(0x7f0000000000)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0]})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
getsockname$packet(r2, &(0x7f0000001140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001180)=0x14)
sendmmsg$inet6(r3, &(0x7f0000001d00)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x4, @local, 0x7fffffff}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000000080)="8d0ac97212d8e8a00bef579cf47bac968ef4232129cd05c6503c97d47b38c7623083919943f27ee2a9261973db7a7dd033846b1135c2ab07dfce1ab63826ee720ad8fbd8bb49ebfcfd6d7ebfe45aeff468e3cb7690bd1381fe3dd52c8104d6a50189945094f37b27c9c4b8824af613b80f2495f9567e58cd731188ee62178fd3aab4195ce367808a7b", 0x89}, {&(0x7f0000000240)="591ed9d2e2ad6ad9722a5b0e12d9b660ea827458d65359ad3d542b6e9bf6e8b344b4fd38cb9400e052770266af5ef21f20f6759ba1aa3c9860cbd6c999f03c5331235932301e2983becd66b56ae6da6e9ab5912e873bf8af717c0569c4e0f124297ab348d030ca7ddd749fad009fada59c33dace2d7ba17b0ffa1ec2ed9961cd733a15b7c9d4beb88282ec0876", 0x8d}, {&(0x7f0000000300)="67bc820b26e044c7d8018a330459f5e556451e62099ab5624ad098d86167ffe3cb00b029462e74a4499c8990cd10be5bbb12eba57766b397e773d5965c61d75bc5b3a1fc9a1f1da7291c81a81abd312512b8f5bf4e43f0396e0dd2932d05fc2b4d85e18f99e1aa73aacb4c7f5ecef0ab8932b66b2a55d32ebe1adedc6a4aa562edd9c0c53e", 0x85}, {&(0x7f00000003c0)="a4acc13680b965d634abc336017a76e193503975f14710b38127716155e4e5b1e31c73f171120b86c8d1b82186e1da737a626d6a7117041d8b433e7ce5b30cccfda3736a078fc88e58c2c75c0bf6bd7bbcaefc3cfcc1d754f7791d41d10ee3e632585cb8bc9a8f7d3a3d0ca576a667ff75d3bdf633ad776d2bf25d5d7c5f80eb8371b6a09b2c62e7cf71f2683a9bdb1d7764e9c3023bfb452182acc959e5370041427bb0e1623dec4f59f53c522356", 0xaf}, {&(0x7f0000000480)="9383128e684f2e0f9c78b040d9c56fcf14e086b3fdccd772492ff0bd4046752fe2d2e4b192ad5dd91a2643e0dc342cedf07cba4779d7a5cb55141305f3e03555d22c4d788529d177a5c143262e8f78aa16dc49e8098abdddce29a809c9bf6cb82ec07355e6e7db0b50c4bf95ca0bd40f77033aa9ca5baa94df8186ebdd3c303ceae703fa006e9d58a463d59f3dbedbfbece91f7ca55d3b65162029508d7ff658b18544bdefb311cd1a9eb065a4fad0e81c9832e4741c08f4b1e8d6d2ef365d34be0c17afbaaf74b0d8ae4fb23ec7cb4b9c56e67000a89084248e7ba5e33eb9e9272186769bfd9c609f79a3334a", 0xed}, {&(0x7f0000000580)="ceada4f36024bfd5cb7cfa24621575e1ef7b4f8f08da20292822b8f39e66b1e7af811c745cdc8944c7664c6ff95b475cd88a2155396589597e701035841947ff63e72cda97e8f27b3c24c0f9422705c4c551e3b92a44d855f49c4387a93d7cbfe5a03c0bd4413cbc1d1c27f6bd16024d40723e2144cf3d5ed96848c5", 0x7c}], 0x6, &(0x7f0000000680)=[@hopopts={{0xb0, 0x29, 0x36, {0x3a, 0x12, [], [@enc_lim={0x4, 0x1, 0x7f}, @pad1, @generic={0x0, 0x8b, "237962305f87077dbb49b6f4a58aa154c3cfb9a8cefcd8bad85733c4df9237fc2a547258ff322bb88f323faa94245ed4031b182746384a0a5d0edf4398f544795607ccbb84d252d126301f233582812dd15e8f2a26b92a39b60d6eeb8d8cebce010a418871e1e12c532eb04f04f3bf63bdab7060af07fb97b9ca6e7c47579ddd169c8ade0b946dd29aac16"}]}}}, @hopopts={{0xf8, 0x29, 0x36, {0x29, 0x1c, [], [@generic={0x3, 0xde, "e32e93e187cee6a143c6cc5a7ccdfefc73b6833c08d67bc1b80beb52fc7d31c36522271fb96b9f459609f8fa84698075a6b420a57a9ecd9247bf993e722a1042f82fa55b0350d835ce5c01bc2de5162dc7263cee1b41878eca25890c2623bfc146fb0f52d8d2b9f60e80e4e4fb2609235dec820e7ae2369f377e561195dddaaa08c23b1e7602461507f6e73746a6ee96223f3d4f9d700626d35d3c186cea5a78028825916f30ae99c3b1e2321b47c10d98b7a99e428a24fadcf3aaf8b50f3db82a2a2091d3db2590a7fecde902b51623d58a1349c9f102ef2b5bcf07683a"}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback, r7}}}, @tclass={{0x14, 0x29, 0x43, 0x7fffffff}}, @rthdrdstopts={{0x30, 0x29, 0x37, {0x3a, 0x2, [], [@padn, @ra={0x5, 0x2, 0x3f}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x93}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x5}}, @tclass={{0x14, 0x29, 0x43, 0x1}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x9}}, @dstopts_2292={{0xf8, 0x29, 0x4, {0x3c, 0x1c, [], [@pad1, @generic={0x81, 0xc9, "54d805a5c935369c8a077dc026553ea73ac97b6a37b0457ae0b88e0b2b7aff4f2abf3c0c53fb5ed79417f3678adc8bba020198c70880b33ee1b2cf9ef8c8a5d4b358391168112a7308bd1f77c00b24aba43908cbaf653fe6ff05818940360dea81476cddb26d6dadfe3f0aa62df9e2d62328d72972edc51b6506b0801ff61f742d5b2f7a4770c7e5034c08d05558f1ef602ea22952cf67ff4aec1799ca1ef1c8b492ae980298bd69276857a6d0aa9bb7aeff903f1a81e26d5866db5e9dd96065309b3ed80aade838b7"}, @hao={0xc9, 0x10, @rand_addr="77d948915530a6f6d4a20fa0e991ec7b"}]}}}], 0x358}}, {{&(0x7f0000000140)={0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, [], 0x32}, 0x800}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000a00)="4e998ab6b7802b5a3514970a726f476c1dec71efe67ab6cbc9721800a277796c4092dc3293d0a7e7ea94e76208abf7de2b01eee38fbae54771287d149a6bc092da9392f56f84394ec94cb1ce88c3c0d1e7ab39894c616042f84cc4f378764e8fce8cea2355fbfa06b008c5d1db141aea8cf2ebebd7a3f3688c0a40d8b114355c6d0463b58b369756a47f71e809e48780683f9c035642ab76ab64543c84f3f9469ff62c06b64f017f4752c12ea90ba299ebd4ed0d94999cd5537cf59e3f3c003b0717aa19c64575d35fe03a286d1641062dd8424f5583b967f0b641f512cf92eaf1f4bf724d1971820af1d80efa65072d8db8a6332c6b65f1afca5804e6", 0xfd}], 0x1, &(0x7f0000000b00)=[@rthdr={{0x58, 0x29, 0x39, {0xff, 0x8, 0x0, 0x20, 0x0, [@dev={0xfe, 0x80, [], 0x2b}, @mcast1, @local, @initdev={0xfe, 0x88, [], 0x0, 0x0}]}}}, @tclass={{0x14, 0x29, 0x43, 0xa96}}, @rthdr={{0x28, 0x29, 0x39, {0x2f, 0x2, 0xf92ffc7f6cf430bb, 0x40, 0x0, [@remote]}}}], 0x98}}, {{&(0x7f0000000bc0)={0xa, 0x4e21, 0xb3, @local, 0x3}, 0x1c, &(0x7f0000000d00)=[{&(0x7f0000000c00)="e98a233f6e6965138a26c0b1df528198fdcdffc9841acdb4f6ca9708555b064074e66896d1fd55136a154b2ef73ed301cbfca4fea7638e9fef5f6f9c2bbe0ce9d637564f10e0d28a5c33c178ae6c686c1e7e6883cbfd8f17a4ebd9fff7b61c8fe87f4dd44b6ee0188d1a3241cac0", 0x6e}, {&(0x7f0000000c80)="d493869ccc391ed75e2feed38bb30a91396591bb476435b5348808bd96c64a9e6a3cbf124b6ac0824b1f97e9c41c8171cdf70871d81957cfe11f663f36c429cf181722ffd491567dba9b", 0x4a}], 0x2, &(0x7f0000000d40)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x9d}}], 0x18}}, {{&(0x7f0000000d80)={0xa, 0x4e23, 0x2, @rand_addr="cfd0b7c4a0edf222f0188839515ce027", 0x79}, 0x1c, &(0x7f0000000f00)=[{&(0x7f0000000dc0)="7d510b05161918eed0b5ab41fd3efae9c65048d2966c377fcea545d11c49e2a9a3fe212db1ddb0d1307798af9759094d616fe5006cfc933af489a6ca9c2602ee2b09cecb9f7df4343f6b032fbeb1231a72f379b8981223217a83f2640cb0f75ab223e825d8d4a1a372076d4ac40fcdab656b425bfc414b1ee531d5fc54f2b0223ff1441eaf6089caa580061d196db46a9355146c38b001958cdbc2e479092209ae10aa4e9ba0cfe49ef5d18c", 0xac}, {&(0x7f0000000e80)="3cf502bf78430544b15f7877264d39c69bc8c38e26b27d7bb243a3ce2dfad8d39a7d4b0eb6623bd4cc5d9465b4634864f4f8d2dbc634a22e6a773c77395908415584", 0x42}], 0x2}}, {{&(0x7f0000000f40)={0xa, 0x4e23, 0x3, @mcast1, 0x3}, 0x1c, &(0x7f0000001040)=[{&(0x7f0000000f80)="db6af402615b48aa10ebd1df2489dc797ee1b4c24221b27d985c806b3cce9451c311c74bb3531d16c313f1c809", 0x2d}, {&(0x7f0000000fc0)="e2d24bf04c095805f8e0a247b2150c61256f852e78de83af81699083d89fc8bf1ae20a590764b0fab7ee1b922fdc95e8bb1b5b1ee1e4d562578e3de72cca32b94c9d46a7ca786434c775caf641e97d392b575b332409a887161b0573f3dff1aefe5cec6e7f663753bc", 0x69}], 0x2, &(0x7f00000011c0)=[@rthdr={{0xb8, 0x29, 0x39, {0x32, 0x14, 0x0, 0x0, 0x0, [@mcast2, @empty, @remote, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x41}}, @dev={0xfe, 0x80, [], 0x2c}, @mcast1, @remote, @mcast1, @dev={0xfe, 0x80, [], 0x2c}, @empty]}}}, @pktinfo={{0x24, 0x29, 0x32, {@rand_addr="5aac2b8c83393f1653f52e5e64960e99", r8}}}, @rthdrdstopts={{0x68, 0x29, 0x37, {0x73, 0xa, [], [@jumbo={0xc2, 0x4, 0x3f}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x7}, @jumbo={0xc2, 0x4, 0x3f}, @calipso={0x7, 0x30, {0x1, 0xa, 0x3, 0x5, [0x3ff, 0x9, 0x9, 0x1000, 0xffffffffffffffe1]}}, @ra={0x5, 0x2, 0x81}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @dstopts={{0xd0, 0x29, 0x37, {0x84, 0x16, [], [@ra={0x5, 0x2, 0x5}, @generic={0x5, 0x82, "9023269a60d522660404fe05c2df060313353f0f18a363e250a5a694093a5e65a0c30904ebca8f48d5515a495e2dd8742793103ab35fe3216caf7f07e173e0f0eccff3e9cb74e760849f9ae0a61c292a388fd0119d3385aa338fc672d1ccfeba82ccc1f202197335cd618c8c089f5f33473a1e5d3b89d393fe06a2667272847c0b5b"}, @calipso={0x7, 0x18, {0x1, 0x4, 0x2, 0x3ff, [0x1, 0x9]}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}]}}}], 0x218}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000001400)="5d7def9e82eaf78597f6b0e619bfa6277939da9544e5ca9a1e8829cde5ba4984f144d9ddc4d0f74686bd86aeacb42b410be8f1f2df8c55e07505ca1931f69f51450a7b00c835856655c8d013b8fdc52ff76599b5ddc5408df473fa74967aa6092f06c9eb711b1f14d2d546df118f6268f427e578cc4fb258dff6ca1704fe483de60d45b49c96f29e613f5645420abc1af82cb5b7", 0x94}, {&(0x7f00000014c0)="27e1dd59deb816e8d97b1ffe037709876c916d97de076122c5605da27ce0bd7cc57b7e81b97677fcdccfecd147793790eb3600c6304cc303db80529e8d2895b196b127754f4dae123d2d37d1efea7421cdaac6404cd3ab7726e3ffdc1383365b61076694db6d610995d647f0856ca17318a7680aafc7fe2d41cdd6eccc084b99129b2fd14479afc8749d5ed2c891230239abf133ad6940667410747e19f317c625a4eb5494478498cb41511ec112336c16a125e1cb0b66dba51a96539f5d8509edf0886414079cd330dc92d1abe5fa98bb00", 0xd2}, {&(0x7f00000015c0)="f1bdd7852ea98236edbfcf02d44bdfcca0db5ed3208cfe307828d4ee6c72b25dfbad8af259a799199f70c091049a6c4d82e5cef4d7421578968d2c9b116aa2f5603769762485dc57e06a29de1a14fdbb04a1c1f8e7c761a77be57f5bcc7f92b6f9858fa03fb23d77ee0e40cb499ba1893951aece6bc828f0e772f4df6e264e0860886171204ea4816ff25594ae9ab20f40bc77ec0d44847bae63dd778b319e23ab7ffe3c1a807a7f4bdf733f1761ebd771b90047b403a34e5894543871cf770b63d6ea5148305cd86bf89675bd28fc8e329a27ed628171c17b1419ccfe50ea", 0xdf}], 0x3, &(0x7f0000001700)=[@tclass={{0x14, 0x29, 0x43, 0x7f}}, @dstopts={{0x58, 0x29, 0x37, {0x9f80784e660cd222, 0x7, [], [@padn={0x1, 0x2, [0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x7f}, @pad1, @calipso={0x7, 0x10, {0x0, 0x2, 0x3f, 0x1f, [0x5]}}, @padn={0x1, 0x1, [0x0]}, @ra={0x5, 0x2, 0x1}, @hao={0xc9, 0x10, @mcast1}, @jumbo={0xc2, 0x4, 0x7}]}}}, @tclass={{0x14, 0x29, 0x43, 0x3a4}}, @rthdr_2292={{0x48, 0x29, 0x39, {0x6c, 0x6, 0x0, 0x6, 0x0, [@loopback, @dev={0xfe, 0x80, [], 0x44}, @local]}}}], 0xd0}}, {{&(0x7f0000001800)={0xa, 0x4e23, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x37d4}, 0x1c, &(0x7f0000001a00)=[{&(0x7f0000001840)="5f51969697b541c376ad8566d90de1aca20b9fe1e494f56ba6fa21808370ba99d5bcc704061e4962dc911e511b8bf65fe7014679b9716382d749b0c06439", 0x3e}, {&(0x7f0000001880)="f60ceb149ba85bce29ecc7f3b6dccaaa40dd91389b759581995391cbe30a2a0560e71ec4b9751418891a20474d8cc6403bfd74d03aa9c00bed3e95f4f8d7752132922b58eb7c5ad1b82b5362f5478823b7a18be0c03ef1c9", 0x58}, {&(0x7f0000001900)="3c212267a6d0b4e5e82c9b2361aa3b7fb93993e840a777d89643ffb0523d48207a5ecd0aaa4114ef411019975dbbdad3921129e4aa6fd502974a2f401967507405e75811c69ebde8b5c11e77f1582c1dddeed7921b802cecd1f7478b6f4300245e0d41025447932e94eaa93a2a421dfdb756cb1baad204f4924540341c1d479e054ace72b03c77ed63c962ea43e9109a17109d56ab405fbc643e88bf86626d753286b5d579fbff027e5b325b699faa573b49b886f4d889c3e49a2b499b806663b502f7a71345e166cb8a49430049c243793dd7e998", 0xd5}], 0x3, &(0x7f0000001a40)=[@dstopts={{0x20, 0x29, 0x37, {0x5e, 0x0, [], [@jumbo={0xc2, 0x4, 0x6}]}}}, @rthdrdstopts={{0x78, 0x29, 0x37, {0x0, 0xb, [], [@calipso={0x7, 0x28, {0x1, 0x8, 0x3, 0xe955, [0x9, 0x5d, 0xff, 0x9]}}, @pad1, @calipso={0x7, 0x20, {0x3, 0x6, 0x6, 0x2, [0x7f, 0x6, 0x3f]}}, @jumbo={0xc2, 0x4, 0x3}, @ra={0x5, 0x2, 0x9}]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0x3b, 0xc, [], [@pad1, @calipso={0x7, 0x50, {0x1, 0x12, 0xc6, 0x1, [0x523, 0x4, 0x8, 0x10000, 0x3, 0x1, 0x1c00000000000, 0xfffffffffffffff8, 0x3d8e]}}, @hao={0xc9, 0x10, @remote}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x4}}, @hopopts={{0xb0, 0x29, 0x36, {0x32, 0x12, [], [@generic={0x5, 0x39, "abde2845b5e103d9ef2bbe65b81f992c6a7f213c74d2bce83206b18adaef0e4de565e87a36dfd84e698718d78b6f2078265ea1f620e7407096"}, @hao={0xc9, 0x10, @remote}, @ra={0x5, 0x2, 0x4}, @calipso={0x7, 0x40, {0x6, 0xe, 0x7f, 0x2, [0x56f12228, 0x1ff, 0x37, 0x1, 0x9, 0x1, 0x6]}}]}}}, @rthdr_2292={{0x88, 0x29, 0x39, {0x33, 0xe, 0x0, 0x9, 0x0, [@mcast2, @mcast1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @dev={0xfe, 0x80, [], 0x37}, @mcast2, @remote, @empty]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x2, 0x2, 0x2, 0x68, 0x0, [@loopback]}}}], 0x290}}], 0x7, 0x20000000)

03:55:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x8080fffffffe)

[ 1248.872075] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
03:55:09 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x8080fffffffe)

[ 1249.638663] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1249.750849] audit: type=1804 audit(1586318110.291:147): pid=18446 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/327/bus" dev="sda1" ino=15810 res=1
[ 1249.899823] Bluetooth: Unknown HCI packet type 5e
[ 1249.908236] Bluetooth: Unknown HCI packet type 43
[ 1250.502289] Bluetooth: hci1 command 0x1003 tx timeout
[ 1250.505182] Bluetooth: hci2 command 0x1003 tx timeout
[ 1250.512874] Bluetooth: hci1 sending frame failed (-49)
[ 1250.525182] Bluetooth: hci2 sending frame failed (-49)
03:55:12 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1251.599995] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1251.603013] Bluetooth: Unknown HCI packet type 5e
[ 1251.617553] Bluetooth: Unknown HCI packet type 43
[ 1251.626515] Bluetooth: Unknown HCI packet type 5e
[ 1251.631519] Bluetooth: Unknown HCI packet type 50
[ 1251.638450] Bluetooth: Unknown HCI packet type 5e
[ 1251.648578] hfs: can't find a HFS filesystem on dev loop2
[ 1251.655208] Bluetooth: Unknown HCI packet type 40
[ 1251.942319] Bluetooth: hci3 command 0x1003 tx timeout
[ 1251.947836] Bluetooth: hci3 sending frame failed (-49)
[ 1252.582233] Bluetooth: hci2 command 0x1001 tx timeout
[ 1252.587566] Bluetooth: hci2 sending frame failed (-49)
[ 1252.592974] Bluetooth: hci1 command 0x1001 tx timeout
[ 1252.598267] Bluetooth: hci1 sending frame failed (-49)
[ 1253.632041] Bluetooth: hci0 command 0x1003 tx timeout
[ 1253.637472] Bluetooth: hci0 sending frame failed (-49)
[ 1254.021992] Bluetooth: hci3 command 0x1001 tx timeout
[ 1254.027433] Bluetooth: hci3 sending frame failed (-49)
[ 1254.661979] Bluetooth: hci2 command 0x1009 tx timeout
[ 1254.662015] Bluetooth: hci1 command 0x1009 tx timeout
[ 1255.702005] Bluetooth: hci0 command 0x1001 tx timeout
[ 1255.707363] Bluetooth: hci0 sending frame failed (-49)
[ 1256.101882] Bluetooth: hci3 command 0x1009 tx timeout
[ 1257.781750] Bluetooth: hci0 command 0x1009 tx timeout
03:55:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x8080fffffffe)

03:55:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x24000810)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_PORTS(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x20, 0x70bd2d, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008040}, 0x0)
r3 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NFT_MSG_GETOBJ_RESET(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x20, 0x15, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x88}, 0x4000080)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:55:21 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TCGETS(r0, 0x5401, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:55:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0x10008004)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r6, 0x4080aea1, &(0x7f0000000240)=""/149)

[ 1260.538953] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pig=18486 comm=syz-executor.4
[ 1260.556061] Bluetooth: Unknown HCI packet type 5e
[ 1260.561177] Bluetooth: Unknown HCI packet type 43
[ 1260.569828] audit: type=1804 audit(1586318121.112:148): pid=18487 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/210/bus" dev="sda1" ino=15958 res=1
[ 1260.575462] Bluetooth: Unknown HCI packet type 5e
[ 1260.602956] Bluetooth: Unknown HCI packet type 5e
[ 1260.607957] Bluetooth: Unknown HCI packet type 43
[ 1260.618007] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1260.633006] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2581 sclass=netlink_route_socket pig=18494 comm=syz-executor.4
[ 1260.652945] Bluetooth: Unknown HCI packet type 5e
[ 1260.666210] Bluetooth: Unknown HCI packet type 50
03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

[ 1260.688581] FAT-fs (loop4): bogus number of reserved sectors
[ 1260.692968] audit: type=1804 audit(1586318121.192:149): pid=18498 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/210/bus" dev="sda1" ino=15958 res=1
[ 1260.704444] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1260.727842] Bluetooth: Unknown HCI packet type 5e
[ 1260.743140] Bluetooth: Unknown HCI packet type 50
[ 1260.749375] Bluetooth: Unknown HCI packet type 40
[ 1260.767920] Bluetooth: Unknown HCI packet type 5e
[ 1260.779657] audit: type=1804 audit(1586318121.192:150): pid=18498 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/210/bus" dev="sda1" ino=15958 res=1
[ 1260.785911] Bluetooth: Unknown HCI packet type 40
03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

[ 1260.924757] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pig=18486 comm=syz-executor.4
[ 1260.948683] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2581 sclass=netlink_route_socket pig=18494 comm=syz-executor.4
[ 1260.967836] FAT-fs (loop4): bogus number of reserved sectors
03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x8080fffffffe)

[ 1260.984597] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:21 executing program 4:
getsockopt$IP_SET_OP_GET_BYNAME(0xffffffffffffffff, 0x1, 0x53, &(0x7f0000000080)={0x6, 0x7, 'syz1\x00'}, &(0x7f00000000c0)=0x28)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$KVM_SET_SREGS(r1, 0x4138ae84, &(0x7f00000001c0)={{0x2, 0xf000, 0xa, 0xd2, 0x3, 0xe0, 0xed, 0x9, 0x81, 0x6, 0x5, 0x9}, {0x4, 0x1000, 0xf, 0x4, 0x2, 0x5, 0x1, 0x9, 0x3f, 0x2, 0x6}, {0x100000, 0x0, 0x6237b541a6809882, 0x7, 0xf7, 0x80, 0x8, 0x7, 0x7f, 0x9, 0x3, 0x36}, {0xf000, 0x0, 0x9, 0x3, 0x81, 0x86, 0x98, 0x2, 0x1f, 0x48, 0x3f, 0x8}, {0x1000, 0x10000, 0xb6af9af6c740e7e5, 0x40, 0xa4, 0x1f, 0x6, 0x9, 0x9, 0x3, 0x81, 0xac}, {0x4000, 0x6000, 0x10, 0x81, 0x9, 0x6, 0x6, 0x3f, 0x3, 0x8, 0x9, 0x6}, {0x4001, 0x0, 0x4, 0x7, 0xc9, 0x2, 0x99, 0x6, 0x7f, 0x1, 0x6, 0x1}, {0x0, 0x3000, 0x8, 0x3, 0xd0, 0x40, 0x1, 0x1, 0x0, 0x7, 0x36}, {0x3000, 0x12}, {0x0, 0x4}, 0x2, 0x0, 0x1, 0x120141, 0x3, 0x2900, 0xd000, [0x0, 0x100000000, 0xdf59, 0xfffffffffffff801]})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f642aceaa04f962f75d7365c8e680ba7e35eae1639b51fff10018af9b873e50d6634e891f86996fb7f8b903f573d29b202535"])
r2 = getgid()
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000))
sendto$inet(0xffffffffffffffff, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @multicast2}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r3=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x6c, &(0x7f000059aff8)={r3}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r3, 0x63}, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000380)={<r4=>r3, 0x3d, "e342b0dd9f55f3911b4f082dda8b483fb0b7c19a36424a885080e215b2fde6d7dafeee62c3b458ba9cfa9e239fb5e7cbe18347d34889dfddc8d54489e5"}, &(0x7f0000000140)=0x45)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000300)={r4, 0x6, 0x10}, 0xc)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_sctp6_SCTP_NODELAY(r5, 0x84, 0x3, &(0x7f0000000040)=0x200, 0x4)
setgid(r2)

03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x0)

[ 1261.166188] FAT-fs (loop4): Unrecognized mount option "nod*Ϊùb÷]seÈ怺~5êác›Qÿñ" or missing value
[ 1261.256716] FAT-fs (loop4): Unrecognized mount option "nod*Ϊùb÷]seÈ怺~5êác›Qÿñ" or missing value
03:55:21 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x0)

03:55:22 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0))

[ 1261.862779] Bluetooth: Unknown HCI packet type 5e
[ 1261.867851] Bluetooth: Unknown HCI packet type 43
[ 1261.876480] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1261.893625] Bluetooth: Unknown HCI packet type 5e
[ 1261.908530] Bluetooth: Unknown HCI packet type 50
[ 1261.918312] hfs: can't find a HFS filesystem on dev loop2
[ 1261.935998] Bluetooth: Unknown HCI packet type 5e
[ 1261.951060] Bluetooth: Unknown HCI packet type 40
[ 1262.275012] audit: type=1804 audit(1586318122.822:151): pid=18573 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/328/bus" dev="sda1" ino=15810 res=1
[ 1262.581292] Bluetooth: hci1 command 0x1003 tx timeout
[ 1262.586678] Bluetooth: hci1 sending frame failed (-49)
[ 1262.661233] Bluetooth: hci2 command 0x1003 tx timeout
[ 1262.666777] Bluetooth: hci2 sending frame failed (-49)
[ 1263.951247] Bluetooth: hci0 command 0x1003 tx timeout
[ 1263.956694] Bluetooth: hci0 sending frame failed (-49)
[ 1264.421117] Bluetooth: hci3 command 0x1003 tx timeout
[ 1264.426499] Bluetooth: hci3 sending frame failed (-49)
[ 1264.661101] Bluetooth: hci1 command 0x1001 tx timeout
[ 1264.666548] Bluetooth: hci1 sending frame failed (-49)
[ 1264.741097] Bluetooth: hci2 command 0x1001 tx timeout
[ 1264.746548] Bluetooth: hci2 sending frame failed (-49)
[ 1266.021092] Bluetooth: hci0 command 0x1001 tx timeout
[ 1266.026416] Bluetooth: hci0 sending frame failed (-49)
[ 1266.500995] Bluetooth: hci3 command 0x1001 tx timeout
[ 1266.506330] Bluetooth: hci3 sending frame failed (-49)
[ 1266.740964] Bluetooth: hci1 command 0x1009 tx timeout
[ 1266.821176] Bluetooth: hci2 command 0x1009 tx timeout
[ 1268.110910] Bluetooth: hci0 command 0x1009 tx timeout
[ 1268.580811] Bluetooth: hci3 command 0x1009 tx timeout
03:55:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
pipe(&(0x7f0000000200))
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:55:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
r5 = geteuid()
sendmsg$nl_netfilter(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f00000006c0)={0x2144, 0x7, 0x2, 0x101, 0x70bd29, 0x25dfdbfc, {0x3, 0x0, 0x2}, [@nested={0x111a, 0x12, 0x0, 0x1, [@typed={0xc, 0x35, 0x0, 0x0, @u64=0x100000000}, @generic="a1977478e0f8bebe981d8549a387e0da9774facce976cf1906df01e126c52965d5ae367ff7ac55d8e8f95139258918563fd2003c54a92eff1837f512d8d3cd9c6e9061aa2615744b154671eb96f544849daccca3fec2c8f39e1a", @generic="238a69aa9bae7d707637b6e92f4fe48f874a95dd685e5592467751af67526c7a5e5c02f2167bcb0eba84c900664b91b847271ecf59ba0dcc0e549ca82558fdb0ecf27b1eab264ca8b91a5cf7cd2d97ea5d96e469200cd55073202349d207653734881e7aa28d4f52bb4f969039f41da8b5af1bea0dd7864e81098019116b7cf86b4d80da77f16285bcf56073172a2f6a921e567e72c8ec3aa04ca4b187755bf77de65d08c9d3bb3288cfada5a02b89132ce3aaf3f8ff64bcb68e5710198a9e008e28bd8121ac45597f82a02770e1037de330f1ffd53518a5f14774841136bf0f342c9e083253d134250405283b4ffc17f48d2f2159fc9b63cc0363b068b9f3664032d0587b90c287d2c45d2edf97769e95833f8f3c33976ecc889dac0e555ba7f39b9e6863397fc05525436f927d684d48c8be6498281b047c1e236ab92e7205d3fcef096777bf4722c6a4b6ac7fa4e3074d4d763b27c5f9cdd885e0690eae3c8dda5ee82c720a47190cceeff81f989c3e70906747bec4b5dacd190cd1e86e2df707be718a85c3d93367de3c6edaff7c786a4c57fe76571f4594e817d417618dbab7091d667cdb1415c55c269cdfe3661b1eae3d56d3c34d618e08a96e8f5c9fabd4c76a9681c7b75bc0ba8d5669175fed8590b0bbe543cbc2fd55bd6bb5e3bb026056615c0d251870f1f2031c8b5b8bd4151cf9a8e51bfe9706546ad2acc934494f2ec795d1dc93218a9c8035b25c7b461ac9445347793957ebcb3d30c0bd3bc7fb58edc5bb2a44c4a47096fe487be5bf49db7068a08e29ee553e7b65a5563b1ae4364ec6434e3179c8346adca5c46749579a9cd50a7581101564be5d4089c86e71f8e924b8973c3184c1b52f4d9d368623b7c746810550be6bbc3542659af6f94063a6e312cd7f3aa3ce7f5762a1b55515d7172b9752d12ecf0f03956b8bec6ef388f87e4a1f1139a28bb6446c02bf249e202a2a3bcc4e35380e2e2d011717ee399850cba6257e9cf71e429d8b37114fc7bed5411dcf49c0dbdacbf8d36282ac6e6008a21e6bffc022706de89b1f75da58dec92a4948c56414a37a787783d972311ee5cd6318a4ce44abf5955cc0f617f34226c6fa8e9322789ab50ad4b3eba4049cebf099a1f9bbf7133c1f333da06cb8fa2e22de611c8b382982cdbd57af115d510dc439d4b32ef47d79ca61bc4ac84a058f4a62a71b34dc789d23d00b049a1ab0152c979248466e444355d3de1e4bad00341dbc2664c4ce30d00a8af490d2248b1b00c6415b7602db4eb3aab2e2beb7a5fccffe174a9d5e0e88aeca6874b2441e3e8feadf7497d286bc83394f9339bc69c41f4344ede9be82f5c4f3a88f9983874d9d3483e65b0327064ec69e55877fa0df0f905c004bb503f02a0bb92e190d38495a04f603b09e1848a5f74fdaedf8c65e7efa3db093a83945844a28da2de4754445055e5d8bc03a3f5a5bde9ef7206f75b890b07932d7ee1a85f2fb6ccadf5dd9a88eb1e954dc05f01f2233a07035b557d1346463f611b57ff102ef3f00c31a573b48f6d10d7e3b460e29482bc52e56f9f3e0376bb9835e50269496059af6119b6027f5c8a5d05cae4f804b521f645e045da6d1e93412ab7403130fa519a49bc5f04700eb0935652e18856fb4daad95f3bb8ff030b0b47d40f409e5cdc6f5066c401d2f9012d2c8ea2d7332b2cc4ce1f348056cf089fc91e3fc0c02bd0432a68e7cb77f7571aa73b142612a2eb3514acecfa38442511739696ce8bd9796eb2683f2dd0f97a319355b53ccc10e44f02564e1acd625d3c0a2adb431e4bece76f144a99e0b77531f5f7eb186094d794e0e9f801154939599ef68407173cdd790713a1bde0e4d7051198ba5bd044a3389b49ef678d772c42ea7fec481a5e00ed13d57763c332585677e9e1a1178c997df8c44a0840d5be6b1f8b4be9103bb5de314245d0b8406b06578f4ace78baef9dc1dd895eeba17413f866782026bf057bb504f9dfe9f8de0484ecba741b37b5e13d3bda451648c2333b733ec6f3581112cbb592d90421e242e2e48a2b054ae17cc8451cfe739636d8a6fecba3978cccc7c620d8bdb4db35ece3fe7b6db2a4d6b0467c34ba31c4444a27a7e3c37f2fc533e6c4b9511fefb442d66ec141eca7c4e3ce7f5810927acf5b1a1e325bb407353622fb44fc1216ef7597c26e703c41d7a383a1087ed8bf436d51423725916a3d0019cacd403f8af97bda03d2fdfc7fa4c787081ca78de5a02734144975fec1d586cd20fa3ed7b8711dd764df6135c92d9d42fbc51b3edc6cebfac03e843eca6ad0d23d149fee1991c21f053109c30fadbcc58cdb40e84b6dd9e80fee6a853558d56b6c66647d80ef34730a58ab6a3dc250c1321830261969e96c740ce9680b43e786b0f069a23720b5e79c55c359bfab06826ae3965fbfca1837e55dd39b6eea52868e578c4b0de34c938be6c068c97312b80bfb45cc482c50a4243fac68144f206ca570b4c8e2579a9d09304abebcda9e83228da8541afb0c26e5af6faec917154a82713b19a3a7ebe9ccf56576d0cbf355578b9bbb1ab6a893c7932e9c1c85020c7b7c80763fd9eaa8756849c88caf41bd06b4f59454ac7d0270c25ec765ee573fb625fd90f827438ce9410586e300e7ed0b4bc79134e48b48a2b7edad12a09ca18d85a5c2b40e52d3e5e8af29065f4bcada4e39d9276320b8a30c5836a088a4d0774abc25bf408f72a26bbeaf286df42f5ad3e3dba9c3c9b45f4272f97b1ad6263895eb727e7fd1d34e151465f1893cbbd0b9314f50923041338575ff0f9ddc48c83b9be6bac621a772b3c68e7b0cbc300fdd433dcf21eba31bbc1d7f6e352817a1ebd53e9a5ca14d6e984ae41df58c5c46ea96fd9b25831dcbd02392dfdf9644260b81da366dddf0b100b4aa8035df6a6780f4c1407c5eeaa5609ce2439892243e153076f1079a970f3555d372dcdb7e3125ae44ca79f1928c38e7798dc096166657d4e548a772ebd3b2bef68c59acd687d6c87860534161cf34f51ccc1923d331f75dde70ba7c5da712e42f84b6343dba0c6e6506216f950b0b7a1956167906881a7dc4c2934d348b90f8c7eb780facfd1ed8a1d5e68493bc285a7074bf2b252989bb9c5cb79b3e83c0883c17086dd1eb43c4b7df5a6aa201d253eec0d26b79d060a74ad112a135723d4875accc6369141913e75494ae2185dd38fbe750681896745ac41d0394f60bb7264b41cef65a3fe201eea883c9254a48005628058c3d5ca09cce2e410d2f739f29e34dd661f137cc5b41945e95c34e84ac2394e2cc6db1e3cc02a49d1fead165c956655640ae1f73d1889341bbbec6ab9d6a22933980fef5fe90ac55170ac2d6f7a4442c43b8a41ebbefd054ce589b3351880da1a43f57c2e06c205c3d0e5734bbc5e8cf7e8b5eddb26885194e43e0d5af00b486c2afaa3a82ae3ef0c9d50d44d406b8a7c37fcb8daec2614f95be06da686eb642a7c5d2eabfc0d919636de4b1bf3d815c9c3660f12ae080d8004de6716d9aecb3a9fb67910688c6322e508ab0fb5a3e1c9d45b81a39cebe01db4441ca63f8fe519cdab3d03ec327d407508d448c5159db8fc2fc7a4ff497e6b7f4487eb0915617e52ee02b54806e7a67074a6eae01ef64c15ce68deffd505e8240a4e99e29711a2f3a3cc3a30607c5f60877151317205112dc3b05119b2490303ba6eee5379b8d7df299e4b27bd5448f1a57119fbb6faeff707b85e389b63f72e2daf679c773da7079b435e8f25dbe458f695fede1bded0c0bb04c8430e87f36d26ee4270f6e7ae3aca08f44a3702fb04d7946a911dd900503c5588f4d183093560de4ce51c74ece39d79062f769d42b7970b5d0f4b853192f9c9b6310141a7b32a2d9de7b56b53fde3dbecf9b9afd25a750da90e25110e163f7c5f61caa35d7295c04ca5170b723156035df0c51fb3656e54a924f610e0e99f98c8204b9bc67b378d7c4f1108500a94ca8169cbc33254bb4c0bad799c3e9c072b4e333dac92c78e99e4d7ed44aee91cd8dd8b1000193f47dfd6f3ae5d483434340baf7aab5e78be5a0010a679879b94095c93e9ec9863bf2cd2a26f681e7bde49bd35b0fae69d9525767b7c0ebdc4c21084401cac36ee68204d9b7ade5dba8361f777d40e3719404057382d48a4abdef8c4f38cdf86a0848384a8c65bf18f3108207e7f52bde86f916a0cbb51720f3f9c3e93b923f4b662d0589028e1b0762488380334c382cb6acc24dde966c9260f28cf7837c5118c2676eafb73ac5308eabe02754b4d941167d0feb557923b09bae7a64351d640ad47e200b73094426ee931f08305bf7b93d314db9488208c3d184a95d5b2e2d2a4c753815465dbcbb619a67889774bc710bbd225ba78b43bf5151893da9760929a729e4f88b8b6180a6ac075c86b2db45d5bee1e66d9c82af47138213e2cba20674c062016ae5e75b6633808a512556cdcebaa35e804eebb0c7d9492c31c566a5a4480059471c8248c2da00f5a4604d0403c0102e5ac1cd10087be9257f4346fbf8a9271ca3d3f75685c3011773c90e3400e72d7fd619d3a1b2e7c2fded2c8436359888c2007aa4979c79ed4d9f6b0522265c96cd0cecfe84cb982175ddf181b796069ab3fbcb926842bd76cdeff2a32387b68e6e1e222e61d11df093a7746526ba5d2611c8f57e2785f43db78c75a0ca18c93c81d2c1c77dfe7ef6067214776129f30232619bab38506ce7c97165995fcd2643a37bfb9d8ae9206a0323949a53d1d65e04acc87ca7a7275795e7ef4d2285bbe4466932be86e0dc8b03ae81f9322b204121576b9b1c98c3a596cd9f33658f5c856321efe690a80e4a2d46944a92728f657ae84438bc338ccc7cf70ae1df9f32858f3d920b241650a2c205a5f43172013f5b142f5500635926d0c0352ac2e1a8aa21844c4da0971b8c3fb63d4f3a26ce11546667f191964ebb1e0d8b865d989cf04092fc46f0b8a4cdff0862c9fba42b364e7ae2c8a6cadb0faec6c16315cb9b8a1d8876065057cf0cbf8be85cbb6bb0011ac3cd4b21825315d898c352ec2fd0fdf1c6d016622159dd6959cbb106e71e524f1fedc939c6820f3952aa413e0dfc30e0d8de2e1c2aed647b35c28e6bb73bd60aee313c1c36d957ceb80cd5b0d0d1c1a37dd0790856219b8ca35bea21a0b5b7674fad699d2a0fd4bb6f964b266378d989b3502f6ca14220f0b4eab98feab761cbc0deab583b0f96d1a1f305465f94db1cf63c038a1dbcca75f2f0249909743b110a9f12a1d01dad3984e0fbd9f063f79ce7a6de9c23e56d09ac623baf8353aa15077b97a3d427a5ed551cfb1df4ca1ca1935228b97adf7afce364313a9598e6476d154509cab9aa625f4566ddbbc45981104802c122a3f08ee20dcd6bcef2b83de17fdc9c1358e670789a1c6da2993fe724a77efe09455103051d098884b8930e6c7b67b2dc1e977cc46eede7538deb6f3c1e7284c1f7f7dd2ad461d744a8a03cac6b3670d9a1ab446de8e606124599e42d1ca31d2a277d0f332d23900df6e38aa8ebf80efc83e91802541602faed379a29172b581c200646cfd6f7752965bb4b256e988fd9890b92664e4a86b63e6addc75e6984889512ba763c56d72cada987d562e3baa16552a2553022aa44fdba9443b916037e5b214bbb7e13270a41854ef882c3676fc97c3aa8efd7bafc08b6dc04fe0c3fb22e54ec719faf7d9d6a3504f5cc0e6c36375c71f7d543c07d2b1823d968395b5a6d8bb0185386e8eeeb1f7da07558661a4974b0c41cc0bf0469243c7a3f2", @generic="f98acadc7c4332bb3fd964f1649054cc4636e9e8b7aa21574f925faa37c10579a0d9fdf9e5a820299dc5651f4b53d5fd196beae9dfa3d62dec638b2b2cb9e4fd651372cca9451c623606db1783e25704ff005c2961953610bf8ba5abf5e2958d9ed42e3b35b0d114d2c5777f240e1da1b5958f1011505615a568", @typed={0x8, 0x1f, 0x0, 0x0, @uid=r4}, @generic="18e6ac10896cb35ae3e01736c7f2e22d7e8098316adef7c18d4bc2767e93efc2ff9744ad7028b3f98fca5e695424"]}, @typed={0x8, 0x6a, 0x0, 0x0, @u32=0x2}, @nested={0xc, 0x25, 0x0, 0x1, [@typed={0x8, 0x4e, 0x0, 0x0, @uid=r5}]}, @generic="fa488c4cbad10ac451f247b4fe7631199d57fd6d38d44dd42467a897c779b0d0b48fd23e47ba828e6fe8161a51b97a8e55ea70620ca0cc32e5a1b006ed7ae354e259f695459147334781f19d638684e565c75efe306601bd5e390ec40307fba21202312ba2319ec88c31ff30ff5b87e9e08a56cce91e6fd7c6e80cea94467dbccee26adceb00a6bb246bcca8fa15fa92f608c47adc4b052e97ead149836c247daaa2437a5594a67e6aa393fd56c8021b0607c4e92474a21e4a7e6a4cd21708df143dd3db5baf5783a987d4067648151b80a889bea8ac54ede4095d05786fa18588db9767da2d362d6959e4bdc90f35f68ef65da2572d556d51c132ddb5d570be61c93f52829eb6008858c0800ddbcadaaceb3e425ce5168b385ba332c9ae55096be29df4bb7787e67aafe8f7479523084f19286a56494bbb67cfb85ce4f6e0165f11fbde3649a0d54ba4a69b98681ec02e0f0a80e472ed0164823124a4ad821c80a208b913476ca46fede3ce01e2a787b4d9bd16efd91b9fea78c4f2b8e3ef420ef6c165984594a854bdc8e99f66f3667ebad8e2b0287ef1046a717a24511601082b62ff5784d32d74b65f7a72f7e40f02e6f969d2c6181b272ed1d702a764a77910cb40b144ad8fc5ab59277d79796b611e6a3a86043e3662b789b3095d6d643fb3dd1b28de12c2b35226cf0508c70ab70f1be05908461cd979e3507024f3150ec4bd508484acd506832b10d57763bc81d747d342449e4d4436c8e934076a9538153f638ba77733e7cc54744be485e73a1cc5b51a4f5daef3066bf251459388da8e018dddfff69fd63ef14137b2ba5b6e867d19d9250b31ff8b1f114d87531809ba5cc451ee363ff4ac362f9ad6c620737d10408d611b900b1884ab47b2b25b17871705d072678a87009216ac3272452c7e59cd0665787a4a04c4b56382bbd5c075501d73f85bc673f507d501a8367bc8672a926558423266837b62816e9af71234119b9b718fa44d275fd0328a914431d0dcb45f211c7478d296ee6dfa35474eccfb553a2dc063a22f5f84c803f0646c042db9672e0daaac849baa3c298672adfb897075ff87b0bf6c773a197240f91dd2aee2c426a3f65470d0fe28de5677f954b3a3829ac847d5193c3f324a22eb3ec2d4e70fe0955b3c45d2cde4ec690dc3d2849fe3507cc608d7c33502863c227f383058bb336d4860081ca717a8701c24add8ffb88f269389c00c2cec1861ff0447fcb9aa677a6f9b98de00ddf0df31021172ccb715479640f410cb406bba02753ff16e4e1b2dcf593f5d760c8c48d156285d8f17a63bc31ff0a05c1e8243e9e5caf5359061fabf48a419ac8283c4b61ed0203edad1fcb11f4a517c4428f64ed1cf4a0174b610791d111a17b422cd9f3bf33575faf3c9703140bb36546061b40126afac7eb91fc4cd13aa83d5de04f990cf03853e3a5b82600cfe0ea220398858a6645c378d1bafdf904379e17d1aba0ae8135f2772b569a2ae984e77a14ab896648e3aa8c1d02afe5fcd459da0ae619e1bddfdc621a249ae6314d7d5acf7211ddeb3dea82a6c553feb27345af59b4be63d88b4dd670873cc8b19f11e7a64f1f36b811b4456dc6bc952aa413357ad9a1543aa8761219b623bef0c29e463d71a4ec8c68c1b15c43a9dace66111d4f3959077cccf6e44bb030d4b819529c7e7b757d44136b522d83b4f3e01ede4719b4ca3428f4724c6a0ef6b7fd4b48249a337332f10aea0f66208caa3f5992ff7840dd5e9d41a73dc40977aaf27c64a2667f91d94c13bdb736e1375f6f61fb80f362229514423a4d97f92bad4e9ab2c0c5acd60bb6169dd806cc205db6e807c3c184bbc6a41ffcdc63268d73e61760472c24c8ae79d728143e62d3b399c0649ace8988591b9c8676824725a5de396498e041b65ccd5452bd3cc4fcd490d50015b1ea51ca74f28dd30da2cc2b62640a69befb91d941f4cdb805e5de49c8942d074f25e45a70f03b50c9eb1850692dc8b5642eb5ce92bba67f77dd8a70dbcf1164e709becd268aadc98dbcc1261e2e9e74ef672cdc1cf8802dc8d1b0c29f2993d99e30c6530d4fac5dbb562fb5c6bed0645719f949ffb39ae9e353b874a7fb1a5617aa648a5fbc8c3e88ca2fcda6f3605e9f9fa4cc7582236a0ac9ad7d726345393f7be217a24d8e216378d04155214a1fbf91cec1f86d5849f99c837d4816c2ef0c2799d81f93b3ada328b0c5758b2a8728bea1b076bb6b5de3f4f79f1561598d112fd3fc05d97664bb4186ef66ff166aa60eabf343e3782872cf28604e1b9754e8795ea6951137f86552c5bcc58af713be4774b810386b6f9dfbabd063008bec155faa130f447be90ea010b7dea00e31a2c88c2d4e1b7c585369c10524c2f7c3ab7e1073ae6f2dc0a402b3bbce4929e0e6f8e799fb011d449ee1bb839953cdf8399ddb05676adef0b5059a7261b1014a18bd778e64b1851a2467fb4a69d9f44b3df86e23e275d5b4900702b947464147d7bc86f0f3217dd88232a4fe33c810af97e8a711996c667f2a4bae5596c4ffb3b4b4f9363b1d9faba5186cb060336863c489c5e7c66aa9b248e05470b8803b5d128f6a8ae2f99319de2fc2f02f087a92d7f61d4ef22df93f675b9ffa1b8a03b00cb2f9200fb380bd45f290e641627009dcc8a3c0457e211021ae6c770af0dc5d01be7504cd22f94ec495a08c94dd4ec8a86a1e18d81d14ce861b6f81e7c357a800ddfe13fa3768aa5be253aa78334adccb3b11a7c9d491fe9f890faf4e995be81561daddc7f12c5a8590e75490ce6eebdb38c35c8c88e41af76b0d2de7a3cd7ce3cb772cfa3512e4e6835f63168ec850600d17e87ea0024ef53cc85478328f5879f3c700ef98f54d921a87de7868bb28518689bd7ba0fafb954358b31cc24cf016c4c4c41a299a2f50db1e4d7f2a9e9df48b180675e77b5b01c4de236f4097cf7dbdc3c5ab61449d160154fc6bd2d643078719ca476f381be40ded79f38f671a327cc282c12598040904d9125d50c3433beedaab7d8de4f4261643f6179b823fab9b9a9c2d9db82aaca52ba48dcddfe8849b9694a870d09c67856b1617cf6477774a2a94d4437af8b38dba84f3314068c7e4ca03ed609c13ebd2d1ba998eade0eb672e658b41fd04bdc7e95dcad5ee445174186fff0ff981bd5b5dacef87e21d234fe0e394e7e88216933b603e639fd2dc8dee8671762e2184f73b2e1324c07b28fc2a5603eaf865b8c641ed276ff63ad68a6765600d59994045d64627a2499221491084ce98f589ed50d6f216daba769df1ca3c2ee91a4f24eb5d800e8064b74b7c098cb80af19fc30d1f37fd539bd5c7ebe1b63b7115e4a428baac42bd2abe0f8e781cebc547ba4e88fc1142043efef2e98e6bff2794b25fa76a6fd75d148808352505c91d299a1c82d6a4298fff46c9618360f6d740010af115d434b92af277ef26798e4b9aaebc3a758a2e92623c7d84891cb2cd72d2545377d61f06f15d2bc114c9c77e1de2068cb9132d19987ab98f2763d3bc521eb32a3ef44e9732e002d678d592e84ebe276dd7f28a2e409a774168c8f0b9b67e9d76251323861ba0a0daa1d8bdda107a13d891b3615df18ba64aa3e42a95d997eec875908683581b9cb1682f668c67df3a37aa6714868e14caf495ad0da2a3ece4ea7ecea5d457ae42052ec46131cdf0c2745e641ec6d0d4b46364782cca49e6dc8b51876a8cbc15c98eecd14f30cea80f2bf73304fdd58c34893bf3bdd6c0ed0da74c08e38ef455b3c7ada8858956e59d7de4e99a75eb1903103b9afd34783b6eeab645f4c14f7d048d272ec24b7466026ffd81b71b0c228981a97de8c6577eaca9b4791995aca4a940075a325ad18be73d75d536d24a3d4bf67c8247ac6244084a82c0aeaf593416541b55018be70eb3dedebcc22e8fc78b996b21566374b6438273efb1eea5c7d4a1d63d0c6bb26a0c580b185473fee3856ade9f4959fe0c4ce5933b420f4edce2c4a03f26279a975fd816307664c7a98fa521572f501e153a87d489ef0693b164bbd83a94f624ba80204abd3235b7242c208b903a8f5352f80da26188df3209d0eeb96853252002bd1e7888f760b7829020e45cdea8da1efdd5722ed54e8006d5551dfa8cb360ae3dd49952e39df592477df3cc81afc88bd0eafde36a0f3d36850c9cf395eec43b388e22b3a990971768f63362afe820188ebd1c303ee1c90bb0f1ae95333080a607a8caf67d48849f8e37ac0671d70d212341ad5d224b5a427260fc35af71467ec6eefebc50adf612a599b5023c518cf1ffd9b31375ed10f7a6a202f96ce10230e0c90ca272241b134c6dbe990a8f4e16cd843e1a1f55c11ab4aa34960d674c04990608b054da8a086c1a3873fb78364dc19ecc64c7a954ca80088ab43f7e1e4573027a6eb83f911b02cd74d8e44b74c230a5337e335dd6580ede09497a5b09772b99b103cf8a5ad84484c2e3fe3ccd1edb22aeff0c4f8c544408504ae936880446a83c86b553635afb6af22bad30905588bc933f373b3c47976632650e5fa09af02f5f0cba4ae3f199f974b9cdefd590c69a059d3055a6509645c782a36e902f4485e0113e147dfd94fce56c6bf41d8e5d43a1ae7571ae48673bd0318fc8bcaa9f183b37c31d646d62ae0be96a17aca5698d24f37da02b0a9fdcc8875da0b79f51fd6b6a3e721f9a89502febcfc46fbedaa53226382ec8c45353b7f0e3ec0b3544336964fc69831d01213c7c327fab445f2bd6a76fae1ea06c776f3a0fd276fa1ca05b8e835760e053eb39d117b42451c7f6f23c4d5e0775bcd90a8144a6b5812a4bcd97f232316bc2dd6d42936857565ccec4f3131e574dace4b3e90b98d42ce6f1531563c3f91c09655f8fab074bb29c2b322b9d5914c806d3a58721d1fb2075d369d574ee6f687813067ce461a298a8a290d7dbec44b4d05351d7eeedf282bf3f130d0df7e846818aa2a62b7d7d8e04b6a4b56fce1b4342b2e7721fcc925b62e6a6954c7b03e5c65b0861e158449d959d0b95470043e969ffa1a1d83e42e5239c30ce8414b783f0d34f686f7dc9364c6e3d9a5bf78dc09c27f5531c407a6757a59bbf6eccce470c0f5a39c7f10d2e86e1909bb056bbf57e0d66dbfd88ee72235dd8275555c0c43a11899b8b9cc476c3cfb3c17b944f179266e496c219e5151ad4997450587143e37b72150082bd83155855ecedc34cf615f7636ab9df7cf05c558f19dd9d26c367e568af6131d695bbb3562acec89e792484199efdb94cceb51689ea6b2e6417958bac99c296a42bd5a951ad235b467e36715c70c7fdd8de2259a6605236c48939a3375004ac0ccda56e3e1f5c8a4c2c4ee1d58bdca381b436314d6a18c31916be44de94a2a0222b180615ddd078b29b5c08b006c181f344cce499b5e02b01ede2eeb96f81addf197f392961242a755dd9c855e2d6ffad0dcc2c8f6bbed9f522bd8184514739dec7ab094411210d052572ec40ea02849bac46b22963a914b41ea379f6c0e3aa2e57ff584155c78050609102a8d74c332c26743f39e2439b3ec877b242a45b21d8cfba5cfad193192cc4a7ab7c65f11bc7f1b67ecd525660d05e274273a5da5523cc1c330ceec7fc3d833ad71f6881e83bf3360741d9723fb8e2645e652143221b04b5b752c74862a420f0a00cf1308827de77934143ef64c7194b93c3ffe91f4435acf75cc97eb984717dfd9c32e8e8c8f3cf0883a1e355a65581ae61809328562ddf686cdab33d9b2fea63cbf0769dd097fe81db9acc4fe13abe627"]}, 0x2144}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000004)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r6, 0x84, 0x20, &(0x7f0000000080), &(0x7f0000000000)=0x4)

03:55:33 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r1, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$PNPIPE_IFINDEX(r6, 0x113, 0x2, &(0x7f0000000140)=<r7=>0x0, &(0x7f0000000180)=0x4)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000004340)=<r8=>0x0, &(0x7f0000004380)=0x4)
sendmsg$NL80211_CMD_GET_MPP(0xffffffffffffffff, &(0x7f0000004480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000004440)={&(0x7f00000043c0)={0x64, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @local}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @remote}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x3, 0x4}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_MPATH_NEXT_HOP={0xa, 0x1a, @dev={[], 0x3f}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r7}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:55:33 executing program 1:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x0)

03:55:33 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x618600, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000140)=[@in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e23, 0xfffffffd, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}], 0x2c)

03:55:33 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0))

[ 1272.706838] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1272.746116] Bluetooth: Unknown HCI packet type 5e
[ 1272.746122] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1272.757637] Bluetooth: Unknown HCI packet type 43
03:55:33 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0x10008004)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r6, 0x4080aea1, &(0x7f0000000240)=""/149)

[ 1272.782517] hfs: can't find a HFS filesystem on dev loop2
[ 1272.796533] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1272.803284] Bluetooth: Unknown HCI packet type 5e
[ 1272.804501] Bluetooth: Unknown HCI packet type 5e
[ 1272.808585] Bluetooth: Unknown HCI packet type 43
[ 1272.849054] Bluetooth: Unknown HCI packet type 5e
[ 1272.849339] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1272.854138] Bluetooth: Unknown HCI packet type 43
[ 1272.874832] Bluetooth: Unknown HCI packet type 50
[ 1272.887579] Bluetooth: Unknown HCI packet type 5e
[ 1272.888983] Bluetooth: Unknown HCI packet type 5e
[ 1272.898078] Bluetooth: Unknown HCI packet type 5e
03:55:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1272.919821] Bluetooth: Unknown HCI packet type 50
[ 1272.930423] Bluetooth: Unknown HCI packet type 40
[ 1272.939365] Bluetooth: Unknown HCI packet type 5e
[ 1272.943574] Bluetooth: Unknown HCI packet type 50
[ 1272.961040] Bluetooth: Unknown HCI packet type 5e
[ 1272.972126] Bluetooth: Unknown HCI packet type 40
[ 1272.990216] Bluetooth: Unknown HCI packet type 40
[ 1273.012975] Bluetooth: Unknown HCI packet type 5e
[ 1273.021543] Bluetooth: Unknown HCI packet type 43
[ 1273.024137] audit: type=1804 audit(1586318133.573:152): pid=18639 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/199/bus" dev="sda1" ino=15980 res=1
[ 1273.034924] FAT-fs (loop4): bogus number of reserved sectors
[ 1273.058748] Bluetooth: Unknown HCI packet type 5e
[ 1273.071682] Bluetooth: Unknown HCI packet type 50
[ 1273.131036] audit: type=1804 audit(1586318133.663:153): pid=18647 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/199/bus" dev="sda1" ino=15980 res=1
[ 1273.133889] Bluetooth: Unknown HCI packet type 5e
[ 1273.165296] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1273.217099] Bluetooth: Unknown HCI packet type 40
[ 1273.226149] audit: type=1804 audit(1586318133.703:154): pid=18647 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/199/bus" dev="sda1" ino=15980 res=1
[ 1273.283571] FAT-fs (loop4): bogus number of reserved sectors
[ 1273.300756] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x4, 0x0, 0x10000}, 0x0)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={<r5=>r2, r4, 0x0, 0x2, &(0x7f0000000000)='^\x00', 0xffffffffffffffff}, 0x30)
ptrace(0x10, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1273.439141] audit: type=1804 audit(1586318133.983:155): pid=18658 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/315/bus" dev="sda1" ino=15982 res=1
[ 1273.541584] FAT-fs (loop4): bogus number of reserved sectors
[ 1273.562053] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1274.230340] audit: type=1804 audit(1586318134.773:156): pid=18660 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/315/bus" dev="sda1" ino=15982 res=1
[ 1274.322047] FAT-fs (loop4): bogus number of reserved sectors
[ 1274.343392] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$VIDIOC_DBG_G_REGISTER(r3, 0xc0385650, &(0x7f0000000000)={{0x3, @name="6b0f63740df1e97419d66e0d84c452ef367493c07f226ca0b67950184e463b37"}, 0x8, 0x9a2, 0x7})

[ 1274.555711] audit: type=1804 audit(1586318135.103:157): pid=18666 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/315/bus" dev="sda1" ino=15982 res=1
[ 1274.642085] FAT-fs (loop4): bogus number of reserved sectors
[ 1274.663121] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1274.727287] audit: type=1804 audit(1586318135.273:158): pid=18674 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/316/bus" dev="sda1" ino=15984 res=1
[ 1274.820410] Bluetooth: hci1 command 0x1003 tx timeout
[ 1274.825736] Bluetooth: hci1 sending frame failed (-49)
[ 1274.831401] Bluetooth: hci0 command 0x1003 tx timeout
[ 1274.845651] Bluetooth: hci0 sending frame failed (-49)
[ 1274.900437] Bluetooth: hci2 command 0x1003 tx timeout
[ 1274.908353] Bluetooth: hci2 sending frame failed (-49)
[ 1274.968632] audit: type=1804 audit(1586318135.513:159): pid=18686 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/329/bus" dev="sda1" ino=15810 res=1
[ 1275.060359] Bluetooth: hci3 command 0x1003 tx timeout
[ 1275.065889] Bluetooth: hci3 sending frame failed (-49)
[ 1275.086450] Bluetooth: Unknown HCI packet type 5e
[ 1275.433196] audit: type=1804 audit(1586318135.984:160): pid=18692 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/316/bus" dev="sda1" ino=15984 res=1
[ 1275.471435] FAT-fs (loop4): Unrecognized mount option "./bus" or missing value
03:55:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
dup(r0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = perf_event_open$cgroup(&(0x7f0000000040)={0x4, 0x70, 0xff, 0xfa, 0x3, 0x6, 0x0, 0x1f0, 0x4600, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3ff, 0x0, @perf_bp={&(0x7f0000000000), 0xb}, 0x4020, 0xdd, 0x3, 0x5, 0x9d, 0x4, 0x7}, r1, 0x9, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x2)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1275.649961] audit: type=1804 audit(1586318136.194:161): pid=18695 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/316/bus" dev="sda1" ino=15984 res=1
[ 1275.800467] FAT-fs (loop4): bogus number of reserved sectors
[ 1275.816411] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x800000, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0])

[ 1276.782771] FAT-fs (loop4): Unrecognized mount option "0x0000000000000003" or missing value
[ 1276.900270] Bluetooth: hci0 command 0x1001 tx timeout
[ 1276.911914] Bluetooth: hci0 sending frame failed (-49)
[ 1276.917471] Bluetooth: hci1 command 0x1001 tx timeout
[ 1276.927929] Bluetooth: hci1 sending frame failed (-49)
[ 1276.980401] Bluetooth: hci2 command 0x1001 tx timeout
[ 1276.986894] Bluetooth: hci2 sending frame failed (-49)
[ 1277.140118] Bluetooth: hci4 command 0x1003 tx timeout
[ 1277.140144] Bluetooth: hci3 command 0x1001 tx timeout
[ 1277.140849] Bluetooth: hci4 sending frame failed (-49)
[ 1277.156018] Bluetooth: hci3 sending frame failed (-49)
[ 1278.979950] Bluetooth: hci1 command 0x1009 tx timeout
[ 1278.985200] Bluetooth: hci0 command 0x1009 tx timeout
[ 1279.060131] Bluetooth: hci2 command 0x1009 tx timeout
[ 1279.220369] Bluetooth: hci3 command 0x1009 tx timeout
[ 1279.225662] Bluetooth: hci4 command 0x1001 tx timeout
[ 1279.231752] Bluetooth: hci4 sending frame failed (-49)
[ 1281.299761] Bluetooth: hci4 command 0x1009 tx timeout
03:55:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f00000000c0)={0x5, 0x8001, 0x1000, 0xfffffffffffff800, 0x8})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:55:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
r0 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x8400fffffffa)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r1, 0xc058534b, &(0x7f0000000080)={0x6, 0x55ed, 0x9, 0x200, 0xc8, 0x5})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r5 = dup(r2)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:55:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
truncate(&(0x7f00000000c0)='./file0\x00', 0x9)

03:55:46 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0))

03:55:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$TCFLSH(r1, 0x540b, 0x1)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:55:46 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r3, 0x5412, &(0x7f0000000000)=0x10008004)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r6, 0x4080aea1, &(0x7f0000000240)=""/149)

[ 1285.534141] Bluetooth: Unknown HCI packet type 5e
[ 1285.534164] Bluetooth: hci1 sending frame failed (-49)
[ 1285.539528] Bluetooth: Unknown HCI packet type 43
[ 1285.549553] Bluetooth: Unknown HCI packet type 5e
[ 1285.554501] Bluetooth: Unknown HCI packet type 43
[ 1285.560542] Bluetooth: Unknown HCI packet type 5e
[ 1285.565635] Bluetooth: Unknown HCI packet type 43
[ 1285.567924] kauditd_printk_skb: 3 callbacks suppressed
[ 1285.567932] audit: type=1804 audit(1586318146.104:165): pid=18750 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/200/bus" dev="sda1" ino=16129 res=1
[ 1285.585667] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1285.604554] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1285.614669] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1285.624942] Bluetooth: Unknown HCI packet type 5e
[ 1285.633368] Bluetooth: Unknown HCI packet type 5e
[ 1285.654610] Bluetooth: Unknown HCI packet type 50
[ 1285.657133] Bluetooth: Unknown HCI packet type 5e
[ 1285.667086] hfs: can't find a HFS filesystem on dev loop2
[ 1285.677879] Bluetooth: Unknown HCI packet type 50
[ 1285.690370] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1285.700864] Bluetooth: Unknown HCI packet type 50
[ 1285.700885] Bluetooth: Unknown HCI packet type 5e
[ 1285.719493] Bluetooth: Unknown HCI packet type 5e
[ 1285.737115] Bluetooth: Unknown HCI packet type 5e
[ 1285.748903] Bluetooth: Unknown HCI packet type 40
[ 1285.760790] Bluetooth: Unknown HCI packet type 40
[ 1285.780145] Bluetooth: Unknown HCI packet type 40
[ 1285.790934] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1285.812796] audit: type=1804 audit(1586318146.214:166): pid=18773 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/200/bus" dev="sda1" ino=16129 res=1
[ 1285.866296] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1285.916816] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1285.936474] audit: type=1804 audit(1586318146.404:167): pid=18776 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/319/bus" dev="sda1" ino=16135 res=1
[ 1285.991318] audit: type=1804 audit(1586318146.414:168): pid=18750 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir177172910/syzkaller.VzKGGn/200/bus" dev="sda1" ino=16129 res=1
03:55:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000040)={&(0x7f00000006c0)=@newtfilter={0x3c8, 0x2c, 0x2, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, {0x1, 0x2}, {0xfff9, 0x7}, {0xfff1, 0x4}}, [@TCA_CHAIN={0x8, 0xb, 0x7}, @filter_kind_options=@f_flow={{0x9, 0x1, 'flow\x00'}, {0x2c, 0x2, [@TCA_FLOW_RSHIFT={0x8, 0x4, 0xbe}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x7}, @TCA_FLOW_MODE={0x8}, @TCA_FLOW_MASK={0x8, 0x6, 0xffffffe1}, @TCA_FLOW_PERTURB={0x8, 0xc, 0x23c}]}}, @TCA_RATE={0x6, 0x5, {0x20, 0xfe}}, @TCA_RATE={0x6}, @TCA_CHAIN={0x8, 0xb, 0x9}, @TCA_CHAIN={0x8, 0xb, 0x2}, @filter_kind_options=@f_flow={{0x9, 0x1, 'flow\x00'}, {0x314, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x1ffbc}, @TCA_FLOW_KEYS={0x8, 0x1, 0x101a4}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1c203}, @TCA_FLOW_MASK={0x8, 0x6, 0x4}, @TCA_FLOW_EMATCHES={0x2d0, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x1bc, 0x2, 0x0, 0x1, [@TCF_EM_META={0x38, 0x2, 0x0, 0x0, {{0x3, 0x4, 0x6a2f}, [@TCA_EM_META_LVALUE={0x29, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="270d2fdf", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="b826", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="decc7f"]}]}}, @TCF_EM_NBYTE={0x1c, 0x2, 0x0, 0x0, {{0x5, 0x2, 0x1f}, {0x4, 0x8, 0x2, "d1bf69db8420fa02"}}}, @TCF_EM_CONTAINER={0x3c, 0x2, 0x0, 0x0, {{0x81, 0x0, 0x4}, "a8d70fddd6c2e323342c4a16b7090e9bcd26ff19dfc9b47ac3e591a4df5a24b3a8973c9f7b90f7b22f11970880345a"}}, @TCF_EM_IPT={0xf0, 0x2, 0x0, 0x0, {{0x0, 0x9, 0x3ff}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x5}, @TCA_EM_IPT_MATCH_DATA={0x8e, 0x5, "9c7513fb17901246b0b96547f30902dc29e8211cf477a59cbf472bf1842685d807cfa5e9b7de948b47e3df8fde993b0bec28025e9d50419a6a8fbda9f1bd4fe41654ae0fe16ce17e9916bba7320629ce4b4b433cbea029a7000b32bf34f3587766c2e4d4ca33b7db513e512810a4d5041aa2199bca0cb277e1a61376af21483be54e097caa197e5fde76"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x5}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb, 0x2, 'policy\x00'}, @TCA_EM_IPT_MATCH_NAME={0xb, 0x2, 'policy\x00'}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2c}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x3}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xff}, @TCA_EM_IPT_MATCH_NAME={0xb, 0x2, 'policy\x00'}]}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x3ff, 0x3, 0x80}, {0x1, 0x6, 0xffffffff, 0x6}}}, @TCF_EM_NBYTE={0x1c, 0x1, 0x0, 0x0, {{0x4ba, 0x2, 0x63f6}, {0x9, 0xa, 0x2, "48f664f26233b45c1d81"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xcfa}}, @TCA_EMATCH_TREE_LIST={0x108, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x3ff, 0x8, 0x400}, {0x2, 0x4, 0x4}}}, @TCF_EM_IPT={0x7c, 0x1, 0x0, 0x0, {{0x4, 0x9, 0x7ff}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x6}, @TCA_EM_IPT_MATCH_DATA={0x58, 0x5, "da8511855410eadd6d7c4c18841db4fa6db37c2fc9caced89062f8cbfcc2487127d7506365e91a7707fe3a0f235a515fd17c51c416b354db56f2df23c24a2d76661e7da3a971415ec40c3413bd6d11dc5414e14f"}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x4}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}]}}, @TCF_EM_META={0x44, 0x2, 0x0, 0x0, {{0x80, 0x4, 0x3f}, [@TCA_EM_META_RVALUE={0x15, 0x3, [@TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="85", @TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0x1e, 0x2, [@TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="9ae4ffbdaa", @TCF_META_TYPE_VAR="d5d114576031d5e6b0", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_INT=0x9]}]}}, @TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x7, 0x2, 0xff}, {0x4, 0x7, 0x1, "b35ebf8e7eb975"}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x96a, 0x1, 0x81}, {0x0, 0x7, 0x1, 0x2, 0x1, 0x2, 0x1}}}]}]}, @TCA_FLOW_RSHIFT={0x8, 0x4, 0x6}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7}, @TCA_FLOW_ADDEND={0x8, 0x5, 0x6}, @TCA_FLOW_XOR={0x8, 0x7, 0x80}]}}, @TCA_CHAIN={0x8, 0xb, 0xb5}, @filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xa, 0x5}}]}}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x20000004}, 0x14)

[ 1286.129371] FAT-fs (loop4): bogus number of reserved sectors
[ 1286.149012] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1286.223500] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1286.300601] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1286.326762] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
03:55:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x12)
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000000)={0x9, 0xfe, 0x0, 0x7f, 0xd0, 0x4, 0x1, 0xe1, 0x8d, 0x1f, 0x0, 0x5, 0x7, 0xe3}, 0xe)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1286.525682] FAT-fs (loop4): bogus number of reserved sectors
[ 1286.539504] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[])

[ 1286.674593] FAT-fs (loop4): bogus number of reserved sectors
[ 1286.694874] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/userio\x00', 0x340, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, <r4=>0x0}, &(0x7f0000000280)=0x5)
setuid(r4)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, <r6=>0x0}, &(0x7f0000000280)=0x5)
setuid(r6)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0x5)
setuid(r8)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x808000, &(0x7f00000006c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@dfltuid={'dfltuid'}}, {@noextend='noextend'}, {@noextend='noextend'}, {@fscache='fscache'}, {@nodevmap='nodevmap'}, {@nodevmap='nodevmap'}, {@fscache='fscache'}, {@privport='privport'}, {@uname={'uname', 0x3d, 'cgroups\xbb\xf9r\x00\x88D\x83,ns\x94\xc0\xed\xb7=d\x99\xebe\x9c\x89\fvaC\xba\x83\xdf\xed\xf4\x15\xbfB4\x9d\xc7h\xadAf\xbd\x84L#Y\xcb\xbc\v\x90\x9e\xb1\xc5zgvV\xfe\xae\x019H\x9b\xb4Z\x91F\xff\xc5 \xe9S\x87o!\xc9\xbc\xc5n\xef\b\a\x10|A\xff&\x11\x1a-\xa8\x84q\x0f\xb6\x1a\xd4t\x80[\x0fj@5\x84YU$;\'X\x01\v\x99\x8c\n|\xcd\x04\xe6*hfn=\xcab\x92\vk\xe6=\x1cQ\xbb\x8e\x16\xb8\xb9\xb5\x16\x9c\xe4\x88\x1c{@\a\x03J\xddJ\xac\xbf3\x116\xad\xbblu\xf3\xec\xa0\xcf\xa8l\xc5\xe98\x88\\\x1a\xe8\xa4\xd8`\xd9~>\xf6\x0f\x1f\x12RJ\'i\x9b\xf7\xa6\xe1'}}, {@dfltuid={'dfltuid', 0x3d, r2}}], [{@euid_eq={'euid', 0x3d, r4}}, {@dont_hash='dont_hash'}, {@fowner_gt={'fowner>', r6}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@subj_type={'subj_type', 0x3d, 'dont_hash'}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_gt={'uid>', r8}}]}})
r9 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:55:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x2440, 0x0)
ioctl$KVM_GET_DEBUGREGS(r2, 0x8080aea1, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1287.035744] FAT-fs (loop4): bogus number of reserved sectors
[ 1287.066779] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x840, 0x0)
getuid()
ioctl$UI_SET_PROPBIT(0xffffffffffffffff, 0x4004556e, 0x0)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0})
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$TIOCGWINSZ(r6, 0x5413, &(0x7f0000000040))
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000240)={0x0, <r8=>0x0}, &(0x7f0000000280)=0x5)
setuid(r8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x1000, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@version_u='version=9p2000.u'}, {@debug={'debug', 0x3d, 0x889}}, {@nodevmap='nodevmap'}, {@dfltgid={'dfltgid', 0x3d, r5}}], [{@euid_gt={'euid>', r4}}]}})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="662a193816e72a2699d84c9da7ed9c00000001"])

[ 1287.190050] audit: type=1804 audit(1586318147.735:169): pid=18849 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/330/bus" dev="sda1" ino=16128 res=1
[ 1287.288561] Bluetooth: Unknown HCI packet type 5e
[ 1287.293915] Bluetooth: Unknown HCI packet type 43
[ 1287.539179] Bluetooth: hci2 command 0x1003 tx timeout
[ 1287.544572] Bluetooth: hci0 command 0x1003 tx timeout
[ 1287.544604] Bluetooth: hci2 sending frame failed (-49)
[ 1287.556924] Bluetooth: hci0 sending frame failed (-49)
[ 1287.619307] Bluetooth: hci3 command 0x1003 tx timeout
[ 1287.622561] Bluetooth: hci1 command 0x1003 tx timeout
[ 1287.624793] Bluetooth: hci3 sending frame failed (-49)
[ 1287.634962] Bluetooth: hci1 sending frame failed (-49)
[ 1287.991094] FAT-fs (loop4): Unrecognized mount option "f*8ç*&™ØL�§íœ" or missing value
[ 1289.299021] Bluetooth: hci4 command 0x1003 tx timeout
[ 1289.304364] Bluetooth: hci4 sending frame failed (-49)
[ 1289.619004] Bluetooth: hci0 command 0x1001 tx timeout
[ 1289.624292] Bluetooth: hci2 command 0x1001 tx timeout
[ 1289.624329] Bluetooth: hci0 sending frame failed (-49)
[ 1289.631849] Bluetooth: hci2 sending frame failed (-49)
[ 1289.699011] Bluetooth: hci1 command 0x1001 tx timeout
[ 1289.699045] Bluetooth: hci3 command 0x1001 tx timeout
[ 1289.709748] Bluetooth: hci1 sending frame failed (-49)
[ 1289.722396] Bluetooth: hci3 sending frame failed (-49)
[ 1291.378981] Bluetooth: hci4 command 0x1001 tx timeout
[ 1291.384392] Bluetooth: hci4 sending frame failed (-49)
[ 1291.698894] Bluetooth: hci0 command 0x1009 tx timeout
[ 1291.698898] Bluetooth: hci2 command 0x1009 tx timeout
[ 1291.778924] Bluetooth: hci3 command 0x1009 tx timeout
[ 1291.784216] Bluetooth: hci1 command 0x1009 tx timeout
[ 1293.458771] Bluetooth: hci4 command 0x1009 tx timeout
03:55:58 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:55:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={r1, &(0x7f00000000c0)="86f84f255bd0f521ad07d83b89bf47d17099571419ed0171ef39c638364f1ebaec92dba32194f2939d52a074e32aeb66ded3e77780", &(0x7f00000001c0)=""/230}, 0x20)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})
setfsgid(r3)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="6e6f646f7473ddf4dd2c6e66ac6f63"])

03:55:58 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x7ff, 0x280000)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:55:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:55:58 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0x7, @mcast2, 0x7fff}], 0x1c)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x111180, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x3f)

03:55:58 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x8000)
fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000003c0)='security.evm\x00', &(0x7f0000000400)=@v1={0x2, "d941db19fe7d87c4"}, 0x9, 0x2)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x21, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf385fccd602bf963edaae01ebd125510bbe75beac077af773c5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6bb1d491df7b94a181bdc9052ea2126eaab127b2e898f8a16cd25e4476365c42acede8cbe3bc15a1b726fad0a38c1995552b8dc3f6ebc5f8df3e3994df918de878ba1cd83e2d27b6d952915e1efa06bfa507f54fb34aec303d5f235a3c404360f97fe6496e83dd475c8aed1449a31d117c250c14e2b95859d62c1d54d967bac2270d8a65c4222a073c8198869cf125677a6650f1"], 0x48}}, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000300)={0x1, 0x7fff, 0x80000001, 0x0, 0xc, "0e6c625b163366516229f22bf74f304f5c81c8"})
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280)='devlink\x00')
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="53e60000000000000000220000000e0001006e657464657673696d0000000f0002006e657464f5cbdc6a6d30000008000300000000000600040000000000"], 0x44}}, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(r3, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r6, 0x400, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x815}, 0x20040000)

[ 1297.676953] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1297.679559] Bluetooth: Unknown HCI packet type 5e
[ 1297.695406] hfs: gid requires an argument
[ 1297.696902] Bluetooth: Unknown HCI packet type 43
[ 1297.706749] hfs: unable to parse mount options
[ 1297.718120] Bluetooth: Unknown HCI packet type 5e
[ 1297.731116] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1297.737338] Bluetooth: Unknown HCI packet type 5e
[ 1297.743825] Bluetooth: Unknown HCI packet type 43
[ 1297.750794] Bluetooth: Unknown HCI packet type 5e
[ 1297.752415] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1297.755674] Bluetooth: Unknown HCI packet type 43
[ 1297.785569] Bluetooth: Unknown HCI packet type 5e
[ 1297.788799] Bluetooth: Unknown HCI packet type 50
[ 1297.791590] FAT-fs (loop4): Unrecognized mount option "nodotsÝôÝ" or missing value
[ 1297.797458] Bluetooth: Unknown HCI packet type 5e
[ 1297.816629] Bluetooth: Unknown HCI packet type 5e
03:55:58 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f00000001c0)={0x1, 0x1, 0x7})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
sendto$phonet(r0, &(0x7f00000000c0)="2a43196d52c2d303e43e4be1ad9642b8c8ac43e54208718ff2d0d7edd3c7fdfbe69bb846a9678e18cf764ad5cb0225a4258da445ef305b603911a26336e3b7111ca9a43879feb87db6d963ef47b7575a4477a360f3ca0feb3f924d3704d52da64002a265c913f33640511e139adbaaa2f9e501966f9ee115d24cf6f86b4c80bcc3e9874052382e44201f0b4c7faaf6b7b9b68235fc041fbab4b334445b4d7f258abd92e775161d85109fa3c5d317167f526c262d46d9e20a5ab6e115401842370d51cedab702d28a0f740ae77c1da6d8d736233b1b0f5e644efc6fa63f", 0xdd, 0x8004, 0x0, 0x0)

[ 1297.828777] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[ 1297.833592] Bluetooth: Unknown HCI packet type 50
[ 1297.850428] hfs: can't find a HFS filesystem on dev loop2
[ 1297.856961] Bluetooth: Unknown HCI packet type 40
[ 1297.869711] Bluetooth: Unknown HCI packet type 50
[ 1297.903272] Bluetooth: Unknown HCI packet type 5e
[ 1297.914699] Bluetooth: Unknown HCI packet type 5e
[ 1297.932552] Bluetooth: Unknown HCI packet type 40
[ 1297.941693] Bluetooth: Unknown HCI packet type 40
[ 1297.968357] Bluetooth: Unknown HCI packet type 5e
[ 1297.975834] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1297.985352] hfs: gid requires an argument
[ 1297.995683] hfs: unable to parse mount options
[ 1298.006118] Bluetooth: Unknown HCI packet type 43
03:55:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$NL80211_CMD_DEL_MPATH(r2, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xffffffffffffffff}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x68005)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1298.022408] Bluetooth: Unknown HCI packet type 5e
[ 1298.037868] Bluetooth: Unknown HCI packet type 50
[ 1298.045127] Bluetooth: Unknown HCI packet type 5e
[ 1298.077942] Bluetooth: Unknown HCI packet type 40
[ 1298.107007] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1298.165121] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1298.179308] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
03:55:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000eb4d43f50e2fbe4a0700496f4546d0d01ff9653e42d8965e"])

[ 1298.234149] FAT-fs (loop4): Unrecognized mount option "nocaseiS}}ÛRš�f¤�U†ÉÝ
�Ô„" or missing value
[ 1298.315718] FAT-fs (loop4): bogus number of reserved sectors
[ 1298.327190] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000000)=0x5)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1298.463557] FAT-fs (loop4): bogus number of reserved sectors
[ 1298.473926] FAT-fs (loop4): Can't find a valid FAT filesystem
03:55:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="6e6f646f74732c7cb8cd092214"])

[ 1298.595562] FAT-fs (loop4): Unrecognized mount option "|¸Í	"" or missing value
03:55:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
dup(r0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_PORTS(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r6, 0x1}, 0x1c}}, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="34000000c176fcef5efbe3dc65bc25c400a1497091fd9da34bde5e6a1e5e0dd7e7a5d6de089ef9ba88437793d6af1677d55f0d2041f0570714536c25ab752f29a7e7e34fda4ac02cdf04305bd0709b8656e1947cc50b2a30960ba0eb1bdc038518ffc151d0c76cd88eb76f76270a2d8f87e269d80a7a7cf220f098fdbd62cb95cb9bf4ca5ae551bd19a57151e2b2255f8cecaed43c4ffa73207703360b203740b5aa145ca586f23a86370f6d3e511c807423bfe296a00f12834ed49ff7ff76ca44e5450c7117cfedc1da382e", @ANYRES16=r6, @ANYBLOB="000828bd7000fddbdf25010000000000000001410000001800170000000d000001007564703a73797a3200000000"], 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000001c0)={0x81, 0x8, 0x4, 0x2000000, 0x3, {0x0, 0x7530}, {0x3, 0x1, 0x0, 0x8, 0x5, 0x12, "a7db1214"}, 0x2, 0x3, @planes=&(0x7f0000000140)={0x8000, 0xfc4, @mem_offset=0x1000, 0x1000}, 0x5, 0x0, <r7=>r1})
ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x7fff)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6e67646f03b672816f63617365dfbb7cd488059425716bdfa3b5b75b9d5c4eed32ac30469d679cb8dd171a5a05371417f341811662d9fe8d082d242934aa4f2ddf7d950bad13c26c48d8d454c5876830d92dc1a9e70af935c9038927e3dcc6ed3e17931aca05262b75bc6102fa1637ac596859bc3a0644fd431f297b62a2328b0b02e4eb660a698cb0121e7e781bd5fd4e26ac20be217236b9b9069f986a2bafc2dfe306dcc5d7e71e0fef4c2b75655def9a17da82be6e7e0632c0810ba7d95a836274f4cd5ae98d6a0ebf809779855c452fd12bb6659ace7839ff03cc15c37e321a8d44"])

[ 1298.696867] audit: type=1804 audit(1586318159.235:170): pid=18977 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/331/bus" dev="sda1" ino=15988 res=1
[ 1298.806120] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=30401 sclass=netlink_route_socket pig=18980 comm=syz-executor.4
[ 1298.860342] FAT-fs (loop4): Unrecognized mount option "ngdo¶r�ocaseß»|Ôˆ”%qkߣµ·[�\Ní2¬0F�gœ¸ÝZ7óA�bÙþ�-$)4ªO-ß}•­ÂlHØÔTŇh0Ù-Á©ç
[ 1298.860342] ù5ɉ'ãÜÆí>“Ê&+u¼aú7¬YhY¼:DýC){b¢2‹äëf
[ 1298.860342] iŒ°~xÕýN&¬ ¾!r6¹¹Ÿ˜j+¯ÂßãÜÅ×çïL+ue]ïšÚ‚¾n~2À�§ÙZƒbtôÍZé�j¿€—y…\E/Ñ+¶ešÎx9ÿÌÃ~" or missing value
[ 1299.003451] audit: type=1804 audit(1586318159.545:171): pid=18987 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/331/bus" dev="sda1" ino=15794 res=1
[ 1299.063726] Bluetooth: Unknown HCI packet type 5e
[ 1299.698155] Bluetooth: hci0 command 0x1003 tx timeout
[ 1299.703509] Bluetooth: hci0 sending frame failed (-49)
[ 1299.778266] Bluetooth: hci2 command 0x1003 tx timeout
[ 1299.783854] Bluetooth: hci2 sending frame failed (-49)
[ 1299.789802] Bluetooth: hci1 command 0x1003 tx timeout
[ 1299.804585] Bluetooth: hci1 sending frame failed (-49)
[ 1300.018137] Bluetooth: hci3 command 0x1003 tx timeout
[ 1300.023472] Bluetooth: hci3 sending frame failed (-49)
[ 1301.138184] Bluetooth: hci4 command 0x1003 tx timeout
[ 1301.143693] Bluetooth: hci4 sending frame failed (-49)
[ 1301.777998] Bluetooth: hci0 command 0x1001 tx timeout
[ 1301.783350] Bluetooth: hci0 sending frame failed (-49)
[ 1301.858000] Bluetooth: hci1 command 0x1001 tx timeout
[ 1301.863451] Bluetooth: hci2 command 0x1001 tx timeout
[ 1301.863529] Bluetooth: hci1 sending frame failed (-49)
[ 1301.874886] Bluetooth: hci2 sending frame failed (-49)
[ 1302.097973] Bluetooth: hci3 command 0x1001 tx timeout
[ 1302.103400] Bluetooth: hci3 sending frame failed (-49)
[ 1303.217983] Bluetooth: hci4 command 0x1001 tx timeout
[ 1303.223324] Bluetooth: hci4 sending frame failed (-49)
[ 1303.857904] Bluetooth: hci0 command 0x1009 tx timeout
[ 1303.937952] Bluetooth: hci2 command 0x1009 tx timeout
[ 1303.944042] Bluetooth: hci1 command 0x1009 tx timeout
[ 1304.187929] Bluetooth: hci3 command 0x1009 tx timeout
[ 1305.297842] Bluetooth: hci4 command 0x1009 tx timeout
03:56:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:56:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000)=@gcm_128={{0x304}, "5772ff87e7417092", "61e36c085e9c1e82a7d33134917a3dcd", "3d936a3a", "37a3b027505afab8"}, 0x28)
r2 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:56:09 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000cab000))

03:56:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:56:09 executing program 3:
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
io_setup(0x1ff, &(0x7f00000004c0)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x10000}])
io_destroy(r1)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x4)
ioctl$TIOCSETD(r2, 0x5412, &(0x7f0000000000)=0x4033)
r3 = socket(0x10, 0x803, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8400fffffffa)
r4 = openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vhost-net\x00', 0x2, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe2(&(0x7f0000000480)={<r6=>0xffffffffffffffff}, 0x6446f119dbd4f3e6)
io_submit(r1, 0x3, &(0x7f0000000580)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x7fff, r0, &(0x7f0000000240)="aea46978e5f88322ab194e3ab20d7b581f3d95425f9404b748983d2d38b7791da88a5659bc1c9e7fe478264a4620b1515ec6de4fcf2eca6038c381aa", 0x3c, 0x4, 0x0, 0x1}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0xf85a, r4, &(0x7f0000000300)="db2dbcba955b63f2c82036c23207f576ee369fb8735a725cb4bcf2c1518476577a27418abe47442d41f5fca2f58e9b1b244ccb851dc15321f9e6a5249695a42c38437e4c470c81b514ab351b8ad1e44527ee9a338896", 0x56, 0x100, 0x0, 0x2}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x6, 0x7f95, r5, &(0x7f00000003c0)="47c03486006b13e8f824c1e3307dcb11be6de2cbe46a5d929b9d4457bd78746e0546e0932fd54c248861cf236b57ea756594f7b061778f57615318df4ae605f0b01fdb177291aba99dc42b0cc8604d8aa6b38d5524cca14028a14499a066e12e907bef8fc3b348cdc827fba2539cc89d0c9ece0b913505eadf2304d50811854a46a29ddae97c908f0936b74f8bd92ddf254f33a8cf6603f024a28a63f7dd83a8b6b5ee106f3b2e8072c3b0c137db1d6b", 0xb0, 0x0, 0x0, 0x3, r6}])
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r7 = socket$nl_crypto(0x10, 0x3, 0x15)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r7, 0x8982, &(0x7f0000000140))

03:56:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x3)

[ 1309.211630] Bluetooth: Unknown HCI packet type 5e
[ 1309.211934] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1309.216900] Bluetooth: Unknown HCI packet type 43
[ 1309.229070] FAT-fs (loop4): bogus number of reserved sectors
[ 1309.234925] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1309.259902] Bluetooth: Unknown HCI packet type 5e
[ 1309.263274] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1309.264795] Bluetooth: Unknown HCI packet type 43
[ 1309.287790] Bluetooth: Unknown HCI packet type 5e
[ 1309.292943] Bluetooth: Unknown HCI packet type 43
[ 1309.304781] Bluetooth: Unknown HCI packet type 5e
[ 1309.305286] hfs: can't find a HFS filesystem on dev loop2
[ 1309.320675] Bluetooth: Unknown HCI packet type 5e
[ 1309.324150] Bluetooth: Unknown HCI packet type 50
[ 1309.334751] Bluetooth: Unknown HCI packet type 5e
[ 1309.352134] Bluetooth: Unknown HCI packet type 50
03:56:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@loopback, @in=@initdev}}, {{}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1309.352330] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1309.364452] Bluetooth: Unknown HCI packet type 5e
[ 1309.370028] Bluetooth: Unknown HCI packet type 50
[ 1309.378944] Bluetooth: Unknown HCI packet type 5e
[ 1309.392208] Bluetooth: Unknown HCI packet type 43
[ 1309.397106] Bluetooth: Unknown HCI packet type 5e
[ 1309.406716] Bluetooth: Unknown HCI packet type 5e
[ 1309.415630] Bluetooth: Unknown HCI packet type 40
[ 1309.415745] Bluetooth: Unknown HCI packet type 5e
[ 1309.427398] Bluetooth: Unknown HCI packet type 40
[ 1309.435183] Bluetooth: Unknown HCI packet type 50
[ 1309.450644] Bluetooth: Unknown HCI packet type 40
[ 1309.460555] Bluetooth: Unknown HCI packet type 5e
[ 1309.479692] Bluetooth: Unknown HCI packet type 40
[ 1309.511366] FAT-fs (loop4): bogus number of reserved sectors
[ 1309.527869] FAT-fs (loop4): Can't find a valid FAT filesystem
03:56:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r5}]}, 0x44}}, 0x0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r2])

[ 1309.615543] FAT-fs (loop4): bogus number of reserved sectors
[ 1309.638033] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1309.742770] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1309.795472] FAT-fs (loop4): Unrecognized mount option "00000000000000000006" or missing value
[ 1309.931577] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1309.969724] FAT-fs (loop4): Unrecognized mount option "00000000000000000006" or missing value
03:56:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/196, 0xc4}], 0x1, 0x0, 0x0, 0x8}, 0x0)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS3\x00', 0x80100, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
r6 = fcntl$dupfd(r4, 0x0, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
ioctl$SG_GET_SG_TABLESIZE(r6, 0x227f, &(0x7f0000000080))
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000600)=0x14)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
lseek(r2, 0x0, 0x2)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r7, 0x0, 0x8400fffffffa)
r8 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000340)='/dev/nvram\x00', 0x400000, 0x0)
setsockopt$inet_dccp_buf(r8, 0x21, 0x80, &(0x7f0000000380)="2ea349b0a93ea9175fba29c9e7e30388d6e859deafc3a43add14f84248ccb802fea200e0dffa0ae77921d346d6a4b3b006236039a23a395307935680a266980fbf335f8b8180c7a8e4812c943be0f1b46cfdf4159bdae043da3553a5983b67122112910d37be884a5eb19ecd5f5c85b9d5c58eef73d60b439ef737db1af9d16f152b007a04c84ccadf1a90dd4dcc178f2e4bb4f1", 0x94)
ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000000)={0x7, 0x4, 0x4, 0x100000, 0x3, {}, {0x3, 0x2, 0xff, 0x3, 0xff, 0x2, "50b5b147"}, 0x5, 0x3, @fd=r2, 0x0, 0x0, <r9=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x40004)

[ 1310.120123] audit: type=1804 audit(1586318170.666:172): pid=19089 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/335/bus" dev="sda1" ino=16012 res=1
[ 1310.266595] audit: type=1804 audit(1586318170.806:173): pid=19100 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.0" name="/root/syzkaller-testdir761684647/syzkaller.5juiEi/332/bus" dev="sda1" ino=15794 res=1
[ 1310.307426] Bluetooth: hci4 sending frame failed (-49)
[ 1310.887307] audit: type=1804 audit(1586318171.426:174): pid=19094 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/335/bus" dev="sda1" ino=16012 res=1
03:56:11 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r1, 0x10, &(0x7f0000000080)={&(0x7f0000000000)=""/70, 0x46, 0xffffffffffffffff}}, 0x10)
getresuid(&(0x7f0000000300)=<r2=>0x0, &(0x7f0000000480), &(0x7f00000004c0))
syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x5, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000200)="9414c321d584bf3f9d9bc3919ed3e3da1056616a4fdc0992a7ef6c549f46f5fe3f52c0ac7bc170a816ccf96606d2129e940ba5c5e0793641a7a5517292722eb0afb7e0cce8d779aa176026d74b8424893fa5e9dab769fc9ff632313f6c351709690e619b48b3f7062c88c0e06ca2a4b39dc0d40217040b2655ae0b17eb89fc7a2d26213d7ecc", 0x86, 0x6}, {&(0x7f0000000380)="842ffa9ac5c3ce4a320d85a9d6b10b0077b2620e10fc40a38d031448d03701d72de20fdd2cf251caf6363b45f691c6fbd9f889230d4865fc30e159bdaa64f53eb059be36ab1dac0c8c14cde77d4df7a784998901874b28014cb58000fb7d3557c4c74bfd3b5df55af098f6c9ce2eb9c3790471b6f34b4a555cf691a2cfe0004083c54cf0f8b2731a31e142554f922b33bb905e78cfd692fd7ae10ced455afdce042bbf373ad0dcf97cefbfcfd850f899eb7befc551c74333984690200566db061ec5306e74087263e55eda75e0ea15", 0xcf, 0x10000}], 0x10000, &(0x7f0000000500)={[{@noenospc_debug='noenospc_debug'}, {@barrier='barrier'}, {@compress='compress'}, {@check_int='check_int'}], [{@obj_role={'obj_role', 0x3d, 'msdos\x00'}}, {@euid_lt={'euid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]})

[ 1311.109513] audit: type=1804 audit(1586318171.656:175): pid=19117 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/335/bus" dev="sda1" ino=16012 res=1
[ 1311.174926] FAT-fs (loop4): bogus number of reserved sectors
[ 1311.184819] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1311.217366] Bluetooth: hci0 command 0x1003 tx timeout
[ 1311.223564] Bluetooth: hci0 sending frame failed (-49)
[ 1311.254251] FAT-fs (loop4): bogus number of reserved sectors
03:56:11 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x7ff)
ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000000)={0x4f000000, 0x1, "6d40d39f98ef0400894a67eeab0348c8e1f928e743b696348fb2dd0dd14bd5de", 0x9, 0x5, 0xfffffffe, 0x4, 0x110})

[ 1311.273550] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1311.297290] Bluetooth: hci2 command 0x1003 tx timeout
[ 1311.302688] Bluetooth: hci2 sending frame failed (-49)
[ 1311.309110] Bluetooth: hci1 command 0x1003 tx timeout
[ 1311.314447] Bluetooth: hci1 sending frame failed (-49)
[ 1311.371711] FAT-fs (loop4): bogus number of reserved sectors
[ 1311.378014] Bluetooth: hci3 command 0x1003 tx timeout
[ 1311.383546] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1311.383564] Bluetooth: hci3 sending frame failed (-49)
03:56:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = semget(0x2, 0x1, 0x1)
semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000000)=""/74)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1311.463821] FAT-fs (loop4): bogus number of reserved sectors
[ 1311.477014] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1312.337179] Bluetooth: hci4 command 0x1003 tx timeout
[ 1312.342536] Bluetooth: hci4 sending frame failed (-49)
[ 1313.297112] Bluetooth: hci0 command 0x1001 tx timeout
[ 1313.302426] Bluetooth: hci0 sending frame failed (-49)
[ 1313.377048] Bluetooth: hci1 command 0x1001 tx timeout
[ 1313.382367] Bluetooth: hci1 sending frame failed (-49)
[ 1313.387805] Bluetooth: hci2 command 0x1001 tx timeout
[ 1313.393104] Bluetooth: hci2 sending frame failed (-49)
[ 1313.457156] Bluetooth: hci3 command 0x1001 tx timeout
[ 1313.462498] Bluetooth: hci3 sending frame failed (-49)
[ 1314.417161] Bluetooth: hci4 command 0x1001 tx timeout
[ 1314.422513] Bluetooth: hci4 sending frame failed (-49)
[ 1315.376949] Bluetooth: hci0 command 0x1009 tx timeout
[ 1315.456976] Bluetooth: hci2 command 0x1009 tx timeout
[ 1315.457032] Bluetooth: hci1 command 0x1009 tx timeout
[ 1315.536961] Bluetooth: hci3 command 0x1009 tx timeout
[ 1316.496877] Bluetooth: hci4 command 0x1009 tx timeout
03:56:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:56:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r1, 0x10, &(0x7f0000000080)={&(0x7f0000000000)=""/70, 0x46, 0xffffffffffffffff}}, 0x10)
getresuid(&(0x7f0000000300)=<r2=>0x0, &(0x7f0000000480), &(0x7f00000004c0))
syz_mount_image$btrfs(&(0x7f0000000140)='btrfs\x00', &(0x7f00000001c0)='./file0\x00', 0x5, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000200)="9414c321d584bf3f9d9bc3919ed3e3da1056616a4fdc0992a7ef6c549f46f5fe3f52c0ac7bc170a816ccf96606d2129e940ba5c5e0793641a7a5517292722eb0afb7e0cce8d779aa176026d74b8424893fa5e9dab769fc9ff632313f6c351709690e619b48b3f7062c88c0e06ca2a4b39dc0d40217040b2655ae0b17eb89fc7a2d26213d7ecc", 0x86, 0x6}, {&(0x7f0000000380)="842ffa9ac5c3ce4a320d85a9d6b10b0077b2620e10fc40a38d031448d03701d72de20fdd2cf251caf6363b45f691c6fbd9f889230d4865fc30e159bdaa64f53eb059be36ab1dac0c8c14cde77d4df7a784998901874b28014cb58000fb7d3557c4c74bfd3b5df55af098f6c9ce2eb9c3790471b6f34b4a555cf691a2cfe0004083c54cf0f8b2731a31e142554f922b33bb905e78cfd692fd7ae10ced455afdce042bbf373ad0dcf97cefbfcfd850f899eb7befc551c74333984690200566db061ec5306e74087263e55eda75e0ea15", 0xcf, 0x10000}], 0x10000, &(0x7f0000000500)={[{@noenospc_debug='noenospc_debug'}, {@barrier='barrier'}, {@compress='compress'}, {@check_int='check_int'}], [{@obj_role={'obj_role', 0x3d, 'msdos\x00'}}, {@euid_lt={'euid<', r2}}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}]})

03:56:21 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

03:56:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid'}}]})

03:56:21 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527)
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, &(0x7f0000000340)=0x3)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x3, 0x4, 0x1, 0xd8, 0x6, "717e6eff524a19b1106094db40ae3a7a747f2a"})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/qat_adf_ctl\x00', 0x80000, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0xc048840}, 0x80c1)
ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000240)="1660f1cd05bd1c38014ea8559bd7533fe1f3e479554c8fe0190c9ce182fbb4564a21bc07733a477e5d50b5f11871f766566a2e4b9ec71741cf2b2382f39c52f49c75201ee70b7f1cab6e457ee02e023657ab91873ce3aa4e19477f6c5ef0480c8f86a9035fee3258246cc854f04466a9516b79147a536c558fb6f1487b3185826a1b1c41018f7e3cfde4c3e4ea23af3746b2c9e67e8cedf43e78")
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000140)=0x813)

03:56:21 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x63}, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x68, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x10000, @ipv4={[], [], @multicast1}}, @in={0x2, 0x4e23, @multicast2}, @in={0x2, 0x4e23, @loopback}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x18}}, @in6={0xa, 0x4e20, 0xffffffff, @local, 0x2}]}, &(0x7f0000000240)=0x10)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$inet(0x2, 0x4000000805, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = dup3(r3, r4, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r5, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r4, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r6=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x6c, &(0x7f000059aff8)={r6}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r6, 0x63}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000280)={<r7=>r6, 0x10, "38434b6c4f00d32e9c602156d68c14da"}, &(0x7f00000002c0)=0x18)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000300)={r1, 0x99, 0x1f, 0x3, 0x4, 0x6, 0x0, 0x34, {r7, @in={{0x2, 0x4e24, @multicast2}}, 0xa1b, 0x0, 0x6, 0x231, 0x9}}, &(0x7f00000003c0)=0xb0)

[ 1320.698556] Bluetooth: Unknown HCI packet type 5e
[ 1320.703611] Bluetooth: Unknown HCI packet type 43
[ 1320.711485] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1320.725205] FAT-fs (loop4): bogus number of reserved sectors
[ 1320.733477] Bluetooth: Unknown HCI packet type 5e
[ 1320.748338] FAT-fs (loop4): Can't find a valid FAT filesystem
[ 1320.761882] Bluetooth: Unknown HCI packet type 50
[ 1320.768687] Bluetooth: Unknown HCI packet type 5e
[ 1320.773780] Bluetooth: Unknown HCI packet type 43
[ 1320.774898] Bluetooth: Unknown HCI packet type 5e
[ 1320.786301] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1320.786307] Bluetooth: Unknown HCI packet type 5e
[ 1320.786314] Bluetooth: Unknown HCI packet type 43
[ 1320.827666] Bluetooth: Unknown HCI packet type 40
[ 1320.832589] Bluetooth: Unknown HCI packet type 5e
[ 1320.832596] Bluetooth: Unknown HCI packet type 50
[ 1320.832600] Bluetooth: Unknown HCI packet type 5e
[ 1320.832605] Bluetooth: Unknown HCI packet type 40
[ 1320.846680] Bluetooth: Unknown HCI packet type 5e
[ 1320.850284] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1320.871969] FAT-fs (loop1): bogus number of reserved sectors
03:56:21 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)

[ 1320.878453] Bluetooth: Unknown HCI packet type 50
[ 1320.883409] hfs: can't find a HFS filesystem on dev loop2
[ 1320.883413] Bluetooth: Unknown HCI packet type 5e
[ 1320.883422] Bluetooth: Unknown HCI packet type 40
[ 1320.899306] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 1320.986740] Bluetooth: Unknown HCI packet type 5e
[ 1320.989077] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1320.992822] Bluetooth: Unknown HCI packet type 43
[ 1321.010407] Bluetooth: Unknown HCI packet type 5e
[ 1321.015802] Bluetooth: Unknown HCI packet type 50
03:56:21 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1321.041071] Bluetooth: Unknown HCI packet type 5e
[ 1321.065687] Bluetooth: Unknown HCI packet type 40
03:56:21 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
syz_mount_image$msdos(&(0x7f0000000100)='msdos\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='nodots,nocase'])

[ 1321.152402] FAT-fs (loop1): bogus number of reserved sectors
[ 1321.160080] FAT-fs (loop1): Can't find a valid FAT filesystem
[ 1321.274732] FAT-fs (loop1): bogus number of reserved sectors
[ 1321.288637] FAT-fs (loop1): Can't find a valid FAT filesystem
03:56:21 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)

03:56:22 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
lsetxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, 'W'}, 0x2, 0x3)

03:56:22 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)

[ 1322.747485] Bluetooth: hci0 command 0x1003 tx timeout
[ 1322.753051] Bluetooth: hci0 sending frame failed (-49)
[ 1322.816744] Bluetooth: hci3 command 0x1003 tx timeout
[ 1322.822049] Bluetooth: hci1 command 0x1003 tx timeout
[ 1322.822087] Bluetooth: hci3 sending frame failed (-49)
[ 1322.827926] Bluetooth: hci1 sending frame failed (-49)
[ 1322.832825] Bluetooth: hci2 command 0x1003 tx timeout
[ 1322.843497] Bluetooth: hci2 sending frame failed (-49)
[ 1323.066339] Bluetooth: hci4 command 0x1003 tx timeout
[ 1323.072188] Bluetooth: hci4 sending frame failed (-49)
[ 1324.816199] Bluetooth: hci0 command 0x1001 tx timeout
[ 1324.821575] Bluetooth: hci0 sending frame failed (-49)
[ 1324.896301] Bluetooth: hci3 command 0x1001 tx timeout
[ 1324.896603] Bluetooth: hci2 command 0x1001 tx timeout
[ 1324.902269] Bluetooth: hci3 sending frame failed (-49)
[ 1324.912343] Bluetooth: hci1 command 0x1001 tx timeout
[ 1324.912367] Bluetooth: hci2 sending frame failed (-49)
[ 1324.917912] Bluetooth: hci1 sending frame failed (-49)
[ 1325.136175] Bluetooth: hci4 command 0x1001 tx timeout
[ 1325.141497] Bluetooth: hci4 sending frame failed (-49)
[ 1326.896184] Bluetooth: hci0 command 0x1009 tx timeout
[ 1326.976071] Bluetooth: hci1 command 0x1009 tx timeout
[ 1326.976136] Bluetooth: hci2 command 0x1009 tx timeout
[ 1326.987457] Bluetooth: hci3 command 0x1009 tx timeout
[ 1327.215972] Bluetooth: hci4 command 0x1009 tx timeout
03:56:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:56:31 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))

03:56:31 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x8014}, 0x4001)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$BLKROTATIONAL(r3, 0x127e, &(0x7f00000000c0))

03:56:31 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), 0x0, &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:56:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
fsync(r3)
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f00000000c0)=0x5000)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:56:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1331.023237] Bluetooth: Unknown HCI packet type 5e
[ 1331.031945] Bluetooth: Unknown HCI packet type 43
[ 1331.038271] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1331.059273] Bluetooth: Unknown HCI packet type 5e
[ 1331.088337] Bluetooth: Unknown HCI packet type 50
[ 1331.088720] hfs: gid requires an argument
[ 1331.111891] Bluetooth: Unknown HCI packet type 5e
[ 1331.119834] hfs: unable to parse mount options
[ 1331.128228] Bluetooth: Unknown HCI packet type 5e
[ 1331.134971] Bluetooth: Unknown HCI packet type 40
[ 1331.147785] Bluetooth: Unknown HCI packet type 5e
[ 1331.147866] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1331.154932] Bluetooth: Unknown HCI packet type 43
[ 1331.172760] Bluetooth: Unknown HCI packet type 5e
[ 1331.177803] Bluetooth: Unknown HCI packet type 50
[ 1331.185046] Bluetooth: Unknown HCI packet type 5e
[ 1331.191681] Bluetooth: Unknown HCI packet type 40
03:56:32 executing program 4:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))

03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:56:32 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000300)=0x4033)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendfile(0xffffffffffffffff, r3, &(0x7f0000000140)=0xffffffff, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40e531fb599ebb5f4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3277a54a41364"], 0x48}}, 0x0)
fcntl$addseals(r3, 0x409, 0x3)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x80000000, &(0x7f0000000240))
ioctl$RTC_WIE_OFF(r1, 0x7010)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x45}, 0x801)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r2, 0xc040564b, &(0x7f00000000c0)={0x5b, 0x0, 0x200a, 0xff, 0x40, {0x3ff}})
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1331.618853] Bluetooth: Unknown HCI packet type 5e
[ 1331.624381] Bluetooth: Unknown HCI packet type 43
[ 1331.624454] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1331.653094] Bluetooth: Unknown HCI packet type 5e
[ 1331.653480] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
03:56:32 executing program 4 (fault-call:3 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

[ 1331.670406] Bluetooth: Unknown HCI packet type 50
03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1331.701306] Bluetooth: Unknown HCI packet type 5e
[ 1331.721946] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1331.724431] Bluetooth: Unknown HCI packet type 5e
[ 1331.735316] Bluetooth: Unknown HCI packet type 40
[ 1331.743573] Bluetooth: Unknown HCI packet type 43
[ 1331.744345] hfs: gid requires an argument
[ 1331.754251] hfs: unable to parse mount options
[ 1331.760994] Bluetooth: Unknown HCI packet type 5e
03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1331.769744] Bluetooth: Unknown HCI packet type 50
[ 1331.784822] Bluetooth: Unknown HCI packet type 5e
[ 1331.813829] Bluetooth: Unknown HCI packet type 40
03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:56:32 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1333.055503] Bluetooth: hci0 command 0x1003 tx timeout
[ 1333.060934] Bluetooth: hci0 sending frame failed (-49)
[ 1333.135482] Bluetooth: hci1 command 0x1003 tx timeout
[ 1333.140869] Bluetooth: hci1 sending frame failed (-49)
[ 1333.215544] Bluetooth: hci2 command 0x1003 tx timeout
[ 1333.221121] Bluetooth: hci2 sending frame failed (-49)
[ 1333.695444] Bluetooth: hci3 command 0x1003 tx timeout
[ 1333.700953] Bluetooth: hci3 sending frame failed (-49)
[ 1333.775526] Bluetooth: hci4 command 0x1003 tx timeout
[ 1333.780848] Bluetooth: hci4 sending frame failed (-49)
[ 1335.135361] Bluetooth: hci0 command 0x1001 tx timeout
[ 1335.140680] Bluetooth: hci0 sending frame failed (-49)
[ 1335.215410] Bluetooth: hci1 command 0x1001 tx timeout
[ 1335.220895] Bluetooth: hci1 sending frame failed (-49)
[ 1335.295405] Bluetooth: hci2 command 0x1001 tx timeout
[ 1335.300749] Bluetooth: hci2 sending frame failed (-49)
[ 1335.775368] Bluetooth: hci3 command 0x1001 tx timeout
[ 1335.780695] Bluetooth: hci3 sending frame failed (-49)
[ 1335.855384] Bluetooth: hci4 command 0x1001 tx timeout
[ 1335.860789] Bluetooth: hci4 sending frame failed (-49)
[ 1337.215232] Bluetooth: hci0 command 0x1009 tx timeout
[ 1337.295391] Bluetooth: hci1 command 0x1009 tx timeout
[ 1337.375249] Bluetooth: hci2 command 0x1009 tx timeout
[ 1337.855187] Bluetooth: hci3 command 0x1009 tx timeout
[ 1337.935260] Bluetooth: hci4 command 0x1009 tx timeout
03:56:41 executing program 2 (fault-call:6 fault-nth:0):
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1341.237948] FAULT_INJECTION: forcing a failure.
[ 1341.237948] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.258742] CPU: 1 PID: 19365 Comm: syz-executor.2 Not tainted 4.14.175-syzkaller #0
[ 1341.266679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1341.276049] Call Trace:
[ 1341.278653]  dump_stack+0x13e/0x194
[ 1341.282310]  should_fail.cold+0x10a/0x14b
[ 1341.286482]  should_failslab+0xd6/0x130
[ 1341.290474]  kmem_cache_alloc_trace+0x2db/0x7b0
[ 1341.295169]  ? __lock_is_held+0xad/0x140
[ 1341.299256]  alloc_pipe_info+0xaa/0x380
[ 1341.303268]  splice_direct_to_actor+0x581/0x730
[ 1341.308045]  ? avc_policy_seqno+0x5/0x10
[ 1341.312129]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1341.317000]  ? do_splice_to+0x150/0x150
[ 1341.320999]  ? rw_verify_area+0xe1/0x2a0
[ 1341.325064]  do_splice_direct+0x164/0x210
[ 1341.329220]  ? splice_direct_to_actor+0x730/0x730
[ 1341.334078]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 1341.339222]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 1341.343977]  do_sendfile+0x469/0xaf0
[ 1341.347693]  ? do_compat_pwritev64+0x140/0x140
[ 1341.352271]  SyS_sendfile64+0xff/0x110
[ 1341.356150]  ? SyS_sendfile+0x130/0x130
[ 1341.360109]  ? do_syscall_64+0x4c/0x640
[ 1341.364066]  ? SyS_sendfile+0x130/0x130
[ 1341.368136]  do_syscall_64+0x1d5/0x640
[ 1341.372010]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1341.377196] RIP: 0033:0x45c889
[ 1341.380376] RSP: 002b:00007f3388040c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1341.388084] RAX: ffffffffffffffda RBX: 00007f33880416d4 RCX: 000000000045c889
[ 1341.395363] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[ 1341.402723] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1341.410013] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006
[ 1341.417294] R13: 00000000000008d4 R14: 00000000004cb7c6 R15: 0000000000000000
03:56:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
creat(&(0x7f0000000680)='./bus\x00', 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:56:42 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:56:42 executing program 2 (fault-call:6 fault-nth:1):
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:56:42 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000180)={<r4=>0xffffffffffffffff}, 0x13f, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x4, 0xfa00, {r4}}, 0xc)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x4000040)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
r7 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x30000, 0x0)
ioctl$VT_GETSTATE(r7, 0x5603, &(0x7f0000000280)={0xdb, 0x80, 0x5})
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='\vid=', @ANYRESHEX=r6, @ANYBLOB=',\x00'])

03:56:42 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KDMKTONE(r1, 0x4b30, 0x9)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:56:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x505000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$netrom(r1, &(0x7f0000000240)={{0x3, @bcast, 0x5}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:56:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0xa, 0x4, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1341.891574] Bluetooth: Unknown HCI packet type 5e
[ 1341.899741] FAULT_INJECTION: forcing a failure.
[ 1341.899741] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.900063] Bluetooth: Unknown HCI packet type 5e
[ 1341.912686] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1341.920470] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1341.928792] Bluetooth: Unknown HCI packet type 5e
[ 1341.933895] Bluetooth: Unknown HCI packet type 43
03:56:42 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

[ 1341.950914] Bluetooth: Unknown HCI packet type 5e
[ 1341.965779] audit: type=1804 audit(1586318202.519:176): pid=19407 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/343/bus" dev="sda1" ino=15763 res=1
[ 1341.972773] Bluetooth: Unknown HCI packet type 50
[ 1341.991456] Bluetooth: Unknown HCI packet type 43
[ 1341.998410] CPU: 0 PID: 19388 Comm: syz-executor.2 Not tainted 4.14.175-syzkaller #0
[ 1342.008042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1342.014776] Bluetooth: Unknown HCI packet type 5e
[ 1342.017421] Call Trace:
[ 1342.017441]  dump_stack+0x13e/0x194
[ 1342.017460]  should_fail.cold+0x10a/0x14b
[ 1342.029984] Bluetooth: Unknown HCI packet type 50
[ 1342.032663]  should_failslab+0xd6/0x130
[ 1342.032680]  __kmalloc+0x2e9/0x7c0
[ 1342.045042]  ? kmem_cache_alloc_trace+0x63e/0x7b0
[ 1342.049898]  ? alloc_pipe_info+0x156/0x380
[ 1342.054148]  ? __lock_is_held+0xad/0x140
[ 1342.058235]  alloc_pipe_info+0x156/0x380
[ 1342.062319]  splice_direct_to_actor+0x581/0x730
[ 1342.066983]  ? avc_policy_seqno+0x5/0x10
[ 1342.071033]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1342.075871]  ? do_splice_to+0x150/0x150
[ 1342.079833]  ? rw_verify_area+0xe1/0x2a0
[ 1342.083898]  do_splice_direct+0x164/0x210
[ 1342.088036]  ? splice_direct_to_actor+0x730/0x730
[ 1342.092874]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 1342.097886]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 1342.102629]  do_sendfile+0x469/0xaf0
[ 1342.106334]  ? do_compat_pwritev64+0x140/0x140
[ 1342.110908]  SyS_sendfile64+0xff/0x110
[ 1342.114796]  ? SyS_sendfile+0x130/0x130
[ 1342.118759]  ? do_syscall_64+0x4c/0x640
[ 1342.122721]  ? SyS_sendfile+0x130/0x130
[ 1342.126694]  do_syscall_64+0x1d5/0x640
[ 1342.130573]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1342.135779] RIP: 0033:0x45c889
[ 1342.138954] RSP: 002b:00007f3388040c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1342.146669] RAX: ffffffffffffffda RBX: 00007f33880416d4 RCX: 000000000045c889
[ 1342.153931] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[ 1342.161200] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1342.168453] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006
[ 1342.175720] R13: 00000000000008d4 R14: 00000000004cb7c6 R15: 0000000000000001
03:56:42 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

[ 1342.214763] Bluetooth: Unknown HCI packet type 5e
[ 1342.219794] Bluetooth: Unknown HCI packet type 40
[ 1342.249811] hfs: unable to parse mount options
[ 1342.258111] Bluetooth: Unknown HCI packet type 5e
[ 1342.272339] Bluetooth: Unknown HCI packet type 40
03:56:42 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

03:56:42 executing program 2 (fault-call:6 fault-nth:2):
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:56:42 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x14d900, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
syz_open_pts(r0, 0x300)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=ANY=[@ANYBLOB="72b6ae14000000e9f7827e6a3875c3d6ed12b1bdd881ade45d2943ac12a7", @ANYRES16=r2, @ANYBLOB="d57f0000190dd74c92121667a4dd55250ac56fb3a936632fff7f000000000000d76eda741851adfca275b9694e717025ed880676da6f3d37245c2666c10a261af824ea7d69d618588dd846b1222b3dcef5d738bb44a6851460210ac0c100089d9f63a763d9f70cda32f991f9bc1897194cd3c25c0589765f927acda805645c00ff1bedda3fb7519081b891586d881aa255a991e155e85db9b9445eaae92517175f42fa32aa1e72b11b979b4db718f2572f00ef01315f74f3dfccb32d0e4037ed9950d925acb9f6bae5ba920207fdca2d2a2a0cc3669a1d11cbdab76661ef8a1062b7336c3c5717e32e8ed66c130625f7f9368356b6a3725a68ce58fcc1b1bc712e7cb2dbc0ba00a361fc23f8a7605767339d38b17bff9bac6f24d92bb9df71817df20cadb11a4fea4df5c3"], 0x3}}, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$BLKSECDISCARD(r3, 0x127d, &(0x7f0000000500)=0x6be)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000880)=ANY=[@ANYBLOB="28020004d136297ff97a854c8600c38208fa9f90cdac96e775d3773310be8231000000000000000000", @ANYRES16=r2, @ANYBLOB="000826bd7000fcdbdf250c000000380007800800020001000080080002000800000008000100090000100c000300ff07000000000000080002000800000008000200000000002c00078008000100000200000c00030007000000000000000c00040001000080ffffffff080001009effffff200005801c000280080001000c000000080004000700000008000200c0ffffff1c0006800400020008000100400000000800010000000000040002008c00058044000280080004006404000008000400bb0a0000080001000b0000000800040009000000080001000200000008000100050000000800040007000000080002009700000044000280080002000000000008000200040000000800040004000000080004002f570000080004000104000008000200ff01000008000300030000000800020000000000d00004801300010062726f6164636173742d6c696e6b00000c0007800800030003ab81fbb9db5e380248a3c619010000000900010073797a31000000001300010062726f6164636173742d6c696e6b00004c000780080001000b000000080003005b0c0000080003000400000008000400ed4d000008000400080000000800010019000000080001001c000000080004000101000008000300000000000c00078008000100180000ffffffff80080003000300000008000200ff7f00000c00078008000100160000001400078008000400ff070000080004a77f4b7f50cf8610a4c81b2fc11ef0c256470823e2514fa33b537ecda23f80d59fa70e93ca9b4ebd9c65b51a44fa54be70a13d363737b8765cd29a42bf4fd2d5c90b6dba47a4e6431e97de27088da1a28ba6ba50690a953b8a2ceb02420df603f6b7ad221628da64f069050fdf4e5ecb37e95727b05144f837567ded72b46ef5d1c2b6dea8c370ac97d218d4b9"], 0x218}, 0x1, 0x0, 0x0, 0x10}, 0x5)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r4 = socket(0x1e, 0x80000, 0x8)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f00000000c0)={r1, 0x2})
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, 0x0, 0x8400fffffffa)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000540)={0x2, r5})

[ 1342.498619] FAULT_INJECTION: forcing a failure.
[ 1342.498619] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1342.540608] CPU: 0 PID: 19437 Comm: syz-executor.2 Not tainted 4.14.175-syzkaller #0
[ 1342.548552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1342.557917] Call Trace:
[ 1342.560525]  dump_stack+0x13e/0x194
[ 1342.564294]  should_fail.cold+0x10a/0x14b
[ 1342.568481]  __alloc_pages_nodemask+0x1bf/0x700
[ 1342.573179]  ? __alloc_pages_slowpath+0x26c0/0x26c0
[ 1342.578223]  ? check_preemption_disabled+0x35/0x240
[ 1342.583267]  alloc_pages_vma+0xc2/0x4a0
[ 1342.587298]  shmem_alloc_page+0xe1/0x180
[ 1342.591380]  ? shmem_swapin+0x180/0x180
[ 1342.595380]  ? mark_held_locks+0xa6/0xf0
[ 1342.599466]  ? _raw_spin_unlock_irqrestore+0x67/0xe0
[ 1342.604596]  ? trace_hardirqs_on_caller+0x3f6/0x590
[ 1342.609674]  ? __percpu_counter_sum+0x119/0x180
[ 1342.614361]  ? check_preemption_disabled+0x35/0x240
[ 1342.619405]  ? percpu_counter_add_batch+0xf8/0x160
[ 1342.624353]  shmem_alloc_and_acct_page+0x126/0x680
[ 1342.629314]  shmem_getpage_gfp+0x388/0x2790
[ 1342.633668]  ? splice_direct_to_actor+0x581/0x730
[ 1342.638537]  ? shmem_mfill_atomic_pte+0x1790/0x1790
[ 1342.643632]  ? do_syscall_64+0x1d5/0x640
[ 1342.647711]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1342.653103]  shmem_file_read_iter+0x447/0xaa0
[ 1342.657630]  ? shmem_writepage+0xc90/0xc90
[ 1342.661880]  ? iov_iter_pipe+0x93/0x2b0
[ 1342.665886]  generic_file_splice_read+0x374/0x5d0
[ 1342.670749]  ? add_to_pipe+0x350/0x350
[ 1342.674688]  ? avc_policy_seqno+0x5/0x10
[ 1342.678770]  ? selinux_file_permission+0x7a/0x440
[ 1342.683642]  ? rw_verify_area+0xe1/0x2a0
[ 1342.687721]  ? add_to_pipe+0x350/0x350
[ 1342.691623]  do_splice_to+0xfb/0x150
[ 1342.695365]  ? alloc_pipe_info+0x2dc/0x380
[ 1342.699629]  splice_direct_to_actor+0x20a/0x730
[ 1342.704323]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1342.709185]  ? do_splice_to+0x150/0x150
[ 1342.713178]  ? rw_verify_area+0xe1/0x2a0
[ 1342.717264]  do_splice_direct+0x164/0x210
[ 1342.721434]  ? splice_direct_to_actor+0x730/0x730
[ 1342.726316]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 1342.731800]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 1342.736579]  do_sendfile+0x469/0xaf0
[ 1342.740326]  ? do_compat_pwritev64+0x140/0x140
[ 1342.744933]  SyS_sendfile64+0xff/0x110
[ 1342.748832]  ? SyS_sendfile+0x130/0x130
[ 1342.752822]  ? do_syscall_64+0x4c/0x640
[ 1342.756818]  ? SyS_sendfile+0x130/0x130
[ 1342.760807]  do_syscall_64+0x1d5/0x640
[ 1342.764719]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1342.769925] RIP: 0033:0x45c889
[ 1342.773126] RSP: 002b:00007f3388040c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1342.780991] RAX: ffffffffffffffda RBX: 00007f33880416d4 RCX: 000000000045c889
[ 1342.788271] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[ 1342.795550] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1342.802828] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006
[ 1342.810118] R13: 00000000000008d4 R14: 00000000004cb7c6 R15: 0000000000000002
[ 1343.934670] Bluetooth: hci2 command 0x1003 tx timeout
[ 1343.940035] Bluetooth: hci2 sending frame failed (-49)
[ 1343.945647] Bluetooth: hci1 command 0x1003 tx timeout
[ 1343.950953] Bluetooth: hci1 sending frame failed (-49)
[ 1343.956578] Bluetooth: hci0 command 0x1003 tx timeout
[ 1343.961856] Bluetooth: hci0 sending frame failed (-49)
[ 1346.014577] Bluetooth: hci0 command 0x1001 tx timeout
[ 1346.019899] Bluetooth: hci0 sending frame failed (-49)
[ 1346.025454] Bluetooth: hci1 command 0x1001 tx timeout
[ 1346.030785] Bluetooth: hci2 command 0x1001 tx timeout
[ 1346.030865] Bluetooth: hci1 sending frame failed (-49)
[ 1346.036490] Bluetooth: hci2 sending frame failed (-49)
[ 1348.094347] Bluetooth: hci2 command 0x1009 tx timeout
[ 1348.099678] Bluetooth: hci0 command 0x1009 tx timeout
[ 1348.100598] Bluetooth: hci1 command 0x1009 tx timeout
03:56:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:56:52 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:56:52 executing program 2 (fault-call:6 fault-nth:3):
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:56:52 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x9)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/mice\x00', 0x100)
ioctl$KDADDIO(r1, 0x400455c8, 0x1)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:56:52 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4032)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x14, 0x80000, 0xa3df)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
syz_mount_image$hfs(&(0x7f0000000240)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x0, 0x0, 0x3000469, &(0x7f0000000340)={[{@gid={'gid', 0x3d, r3}}], [{@uid_eq={'uid', 0x3d, r4}}, {@appraise='appraise'}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]})

03:56:52 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x2500, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000200)={0x30000000})
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x101000, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_DYING(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200280c0}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x6, 0x1, 0x301, 0x0, 0x0, {0xa, 0x0, 0x3}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000180))
r5 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r5, 0x1000)
lseek(r5, 0x0, 0x2)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x8400fffffffa)
ioctl$EVIOCSMASK(r5, 0x40104593, &(0x7f0000000140)={0x14, 0x32, &(0x7f0000000100)="39521ccd005b0defb11bf0b47acab7b22487c445d10f0f3e8b477891c4e65484d64ee1bc7ece67afc765af9d998fa902f1f2"})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:56:52 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1352.148250] FAULT_INJECTION: forcing a failure.
[ 1352.148250] name failslab, interval 1, probability 0, space 0, times 0
[ 1352.175684] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1352.190168] CPU: 1 PID: 19463 Comm: syz-executor.2 Not tainted 4.14.175-syzkaller #0
[ 1352.198132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1352.207516] Call Trace:
[ 1352.210153]  dump_stack+0x13e/0x194
[ 1352.213896]  should_fail.cold+0x10a/0x14b
[ 1352.218088]  should_failslab+0xd6/0x130
[ 1352.222227]  __kmalloc+0x2e9/0x7c0
[ 1352.228229]  ? iter_file_splice_write+0x143/0xa10
[ 1352.233092]  ? current_time+0x89/0xb0
[ 1352.236922]  ? __atime_needs_update+0x2bb/0x940
[ 1352.241615]  iter_file_splice_write+0x143/0xa10
[ 1352.246305]  ? touch_atime+0xce/0x250
[ 1352.250123]  ? __atime_needs_update+0x940/0x940
[ 1352.254839]  ? iov_iter_pipe+0x93/0x2b0
[ 1352.258849]  ? generic_file_splice_read+0x3de/0x5d0
[ 1352.263877]  ? default_file_splice_read+0x870/0x870
[ 1352.269014]  ? add_to_pipe+0x350/0x350
[ 1352.272924]  ? avc_policy_seqno+0x5/0x10
[ 1352.277006]  ? selinux_file_permission+0x7a/0x440
[ 1352.281893]  ? rw_verify_area+0xe1/0x2a0
[ 1352.285978]  ? default_file_splice_read+0x870/0x870
[ 1352.291079]  direct_splice_actor+0x115/0x160
[ 1352.295541]  splice_direct_to_actor+0x27e/0x730
[ 1352.300238]  ? generic_pipe_buf_nosteal+0x10/0x10
[ 1352.305122]  ? do_splice_to+0x150/0x150
[ 1352.309141]  ? rw_verify_area+0xe1/0x2a0
[ 1352.313244]  do_splice_direct+0x164/0x210
[ 1352.317413]  ? splice_direct_to_actor+0x730/0x730
[ 1352.322293]  ? rcu_read_lock_sched_held+0x10a/0x130
[ 1352.327316]  ? rcu_sync_lockdep_assert+0x69/0xa0
[ 1352.332080]  do_sendfile+0x469/0xaf0
[ 1352.335840]  ? do_compat_pwritev64+0x140/0x140
[ 1352.340446]  SyS_sendfile64+0xff/0x110
[ 1352.344350]  ? SyS_sendfile+0x130/0x130
[ 1352.348318]  ? do_syscall_64+0x4c/0x640
[ 1352.352293]  ? SyS_sendfile+0x130/0x130
[ 1352.356258]  do_syscall_64+0x1d5/0x640
[ 1352.360149]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1352.365359] RIP: 0033:0x45c889
[ 1352.368546] RSP: 002b:00007f3388040c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1352.376257] RAX: ffffffffffffffda RBX: 00007f33880416d4 RCX: 000000000045c889
[ 1352.383531] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[ 1352.390794] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1352.398181] R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000006
[ 1352.405555] R13: 00000000000008d4 R14: 00000000004cb7c6 R15: 0000000000000003
[ 1352.431065] audit: type=1400 audit(1586318212.980:177): avc:  denied  { block_suspend } for  pid=19469 comm="syz-executor.5" capability=36  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ 1352.454335] Bluetooth: Unknown HCI packet type 5e
[ 1352.459317] Bluetooth: Unknown HCI packet type 43
[ 1352.487316] Bluetooth: Unknown HCI packet type 5e
[ 1352.508282] audit: type=1804 audit(1586318213.020:178): pid=19481 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/148/bus" dev="sda1" ino=16074 res=1
[ 1352.519367] Bluetooth: Unknown HCI packet type 50
[ 1352.537733] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
03:56:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1a)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1352.593973] Bluetooth: Unknown HCI packet type 5e
[ 1352.605112] Bluetooth: Unknown HCI packet type 40
03:56:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$PPPIOCGFLAGS(r3, 0x8004745a, &(0x7f00000000c0))
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:56:53 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1352.813477] audit: type=1804 audit(1586318213.360:179): pid=19502 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/223/bus" dev="sda1" ino=16055 res=1
03:56:53 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:56:53 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1353.610639] audit: type=1804 audit(1586318214.160:180): pid=19506 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/223/bus" dev="sda1" ino=16055 res=1
[ 1353.890191] audit: type=1804 audit(1586318214.440:181): pid=19517 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/223/bus" dev="sda1" ino=16055 res=1
[ 1353.927141] Bluetooth: hci2 sending frame failed (-49)
[ 1353.933058] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 1354.253920] Bluetooth: hci0 command 0x1003 tx timeout
[ 1354.259259] Bluetooth: hci0 sending frame failed (-49)
[ 1354.493799] Bluetooth: hci1 command 0x1003 tx timeout
[ 1354.500419] Bluetooth: hci1 sending frame failed (-49)
[ 1355.933692] Bluetooth: hci2 command 0x1003 tx timeout
[ 1355.939189] Bluetooth: hci2 sending frame failed (-49)
[ 1356.333708] Bluetooth: hci0 command 0x1001 tx timeout
[ 1356.339042] Bluetooth: hci0 sending frame failed (-49)
[ 1356.573643] Bluetooth: hci1 command 0x1001 tx timeout
[ 1356.579005] Bluetooth: hci1 sending frame failed (-49)
[ 1358.013660] Bluetooth: hci2 command 0x1001 tx timeout
[ 1358.019466] Bluetooth: hci2 sending frame failed (-49)
[ 1358.413567] Bluetooth: hci0 command 0x1009 tx timeout
[ 1358.653525] Bluetooth: hci1 command 0x1009 tx timeout
[ 1360.093463] Bluetooth: hci2 command 0x1009 tx timeout
03:57:02 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:02 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:02 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
getsockopt$ARPT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000140)={'filter\x00'}, &(0x7f00000000c0)=0x44)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
pipe(&(0x7f0000000200)={<r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000240)='/dev/input/mice\x00', 0x200040)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x541c, &(0x7f0000000000))

03:57:02 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nvram\x00', 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000080)=0x110, 0x4)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$UI_GET_SYSNAME(0xffffffffffffffff, 0x8040552c, &(0x7f0000000340))
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r')
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ')
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100)='NLBL_CIPSOv4\x00')
sendmsg$NLBL_CIPSOV4_C_REMOVE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="1af5eff25331f2c060d7f77959a2f8d4cb0baf48ba8a8d24a25bf5f947d295fb747f57b749cfdab1ef1dadc59675b8f2a3434bbfcf9c62d9a5ff3ada239f3b62d2e25f348b729db5ccf8a8c771", @ANYRES16=r5, @ANYBLOB="02002bbd7000ffdbdf250200000c0800"], 0x3}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000023c0)=ANY=[@ANYBLOB="b40300001eb9764eb445b89e034fa4b2a1d55bdf1e8efd42d46eac8e12419372b343914b7fbfdd2b4b5dcab5bdfdd85c940b4757739c811d374c929c64c29dab6339f05012b01568cdb039d240e70bf5a3bb6fbff62fad37adb611ab8b5e287eb025e4485a59216c905004eaba04b25340c9789286a7842c28471c291e6ebb10113a8affffffff64e1e844c64278c1ef47eb56b7ac5853be4dcba37f94a88c3a806ce18dc3856da4d3a7fc19264415e06bc306e680655d6edcb86b8d211e7408", @ANYRES16=r5, @ANYBLOB="010026bd7000fbdbdf250100000018010c8044000b8008000a00d514000008000900884d7a5a08000900e9ffa43608000a006009000008000900e0aed83608000a0015c100000800090096744730080009e06327a6031c000b8008000900d546d87e08000a00de42000008000a00307900003c000b8008000a00781f000008000900bb642725080009005a17dc2d08000900329d8f1308000a008ee60000080009005e80493008000a0071c600000c000b8008000a0026d8000034000b8008000a00b49d000008000a0070bb000008000a008114000008000a0084c2000008000900c8e7bf6508000a00803500002c700b80080009001a70766f080009004bd66d6008000a006984000008000a002280000008000900d3792f350c000b8008000a00f4580000940108804c00078008000500ed93e802080006003500000008000600c2000000080005003e89901308000600f3000000080006003e00000008000600520000000800050007000000080006006d0000000c00078008000500a582de2b34000780080005040041c91308000600740000000800060030000000080006004500000008000600a4000000080006009b0000004400078008000500d4c13d3f08000500a7d5eb1c080006007900000008000600190000000800060073000000080006008700000008000500877e5411080005000df98e5a0c00078008000600940000000c000780080006008f0000002c00078008000600cf00000008000500cf135e5e08000500f9d7b748080005000e8f995a080005009895a76b080006001000000008000600fb00100000000600ea00000008000500900f854b3c00078008000500ec317b050800060055000000080006000a00000008000500504d9f4a080005008c7b4f160800060009000000080005007c7f970814000780080005009fe95b6908000500f64bdb6b08000100010000001400048005000300070000000500030001000000c800088034000780080005004aac595408000500f424610b08000500eda2887208000500e3efce0208000500a3c4e039080006005a0000001c000780080005001a7b485708000500b1098220080006006900000014000780080005008f49e21508000600af0000000c000780080006009500000054000780080005005e4be72908000500893ab819080006001000000008000500d0ab71120800050016884f0b0800050086f9871108000600db000000080005005abc685a080006002100000008000500e59bf17a08000100020000000800020001000000a9559d33f233bb1322c254b00b8d0ea82366bacad77578fc558b99b9da2bd8f44f101bf5f2f02f93f1a2586b52a3784a8f4914db2efa9991450e98dc1257f67ba97e521c994999e3e55f4df8c374f0c7110894427741f6ff3546deae29a2cec3868fd629b300"/1043], 0x3b4}}, 0x4040000)
sendmsg$NLBL_CIPSOV4_C_LIST(r2, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x128, r5, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_CIPSOV4_A_MLSCATLST={0xbc, 0xc, 0x0, 0x1, [{0x2c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1c654fa8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x73d23b4a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xe761b42}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x349f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x22dd664d}]}, {0x44, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xea42}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x42679661}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x28bc1a16}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f501450}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x25fa}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f72e1ff}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7520}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6fa7998a}]}, {0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfb8}]}, {0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x70d28daf}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x36d6c67f}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0xa65a617}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x499b}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x129ac0b9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x328520a5}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x3592b44}]}]}, @NLBL_CIPSOV4_A_MLSCATLST={0x4c, 0xc, 0x0, 0x1, [{0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x633ebf15}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe3f5}]}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1286c464}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x101f8d18}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4f2d2707}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x37f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa66b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8836}]}]}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0xb23f3f532ae44e04}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x40, r5, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_TAGLST={0x2c, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x1}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x6}, {0x5, 0x3, 0x1}, {0x5, 0x3, 0x7}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8044}, 0x20000040)

[ 1362.340426] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1362.344643] Bluetooth: Unknown HCI packet type 5e
[ 1362.354606] Bluetooth: Unknown HCI packet type 43
[ 1362.368767] Y­4��`Ò˜: renamed from lo
[ 1362.376356] Bluetooth: Unknown HCI packet type 5e
[ 1362.391388] Bluetooth: Unknown HCI packet type 50
[ 1362.397852] Bluetooth: Unknown HCI packet type 5e
[ 1362.403049] Bluetooth: Unknown HCI packet type 40
[ 1362.417409] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=19556 comm=syz-executor.3
03:57:04 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x428003, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:57:04 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='qi]\'=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x2)
ioctl$USBDEVFS_FREE_STREAMS(r1, 0x8008551d, &(0x7f00000000c0)={0xd97b, 0x7, [{0xc}, {0x9, 0x1}, {0x2, 0x1}, {0x6d, 0x1}, {0xa}, {0x4}, {0xa}]})
ftruncate(r1, 0x208200)
syz_open_dev$radio(&(0x7f0000000200)='/dev/radio#\x00', 0x3, 0x2)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x1c08c0, 0x0)
ioctl$ASHMEM_GET_NAME(r3, 0x81007702, &(0x7f0000000140)=""/114)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:57:04 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4037)

03:57:04 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000003c0)=0x1f)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x200080, 0x0)
ioctl$TIOCSETD(r1, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r0, 0xa)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/69})
lseek(r4, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8400fffffffa)
ioctl$TIOCGISO7816(r5, 0x80285442, &(0x7f0000000240))
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r6=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r6, @ANYBLOB="2c00b396639c8f07003de22f35f6ed7d688b06c2d8ff55f6000000000377f901eb43"])

[ 1364.224511] tmpfs: Bad mount option qi]'
03:57:04 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1364.301240] Bluetooth: Unknown HCI packet type 37
[ 1364.304680] Bluetooth: Unknown HCI packet type 5e
[ 1364.317114] Bluetooth: Unknown HCI packet type 43
[ 1364.340497] audit: type=1804 audit(1586318224.891:182): pid=19593 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/345/bus" dev="sda1" ino=16061 res=1
[ 1364.347758] Bluetooth: Unknown HCI packet type 5e
[ 1364.386021] hfs: gid requires an argument
[ 1364.390533] hfs: unable to parse mount options
03:57:05 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1364.410062] tmpfs: Bad mount option qi]'
[ 1364.414750] Bluetooth: hci0 command 0x1003 tx timeout
[ 1364.420213] Bluetooth: hci0 sending frame failed (-49)
03:57:05 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:57:05 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
fchmodat(r1, &(0x7f0000000240)='./file0\x00', 0x10)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

[ 1364.445702] audit: type=1804 audit(1586318224.981:183): pid=19593 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/345/bus" dev="sda1" ino=16061 res=1
[ 1364.462078] Bluetooth: Unknown HCI packet type 50
[ 1364.488844] Bluetooth: Unknown HCI packet type 5e
[ 1364.533160] Bluetooth: Unknown HCI packet type 40
[ 1364.581495] Bluetooth: Unknown HCI packet type 5e
[ 1364.594139] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1364.611630] Bluetooth: Unknown HCI packet type 43
[ 1364.631270] Bluetooth: Unknown HCI packet type 5e
[ 1364.640820] Bluetooth: Unknown HCI packet type 50
[ 1364.651373] Bluetooth: Unknown HCI packet type 5e
[ 1364.660328] Bluetooth: Unknown HCI packet type 40
[ 1364.668227] hfs: gid requires an argument
[ 1364.672429] hfs: unable to parse mount options
[ 1366.332950] Bluetooth: hci1 command 0x1003 tx timeout
[ 1366.338519] Bluetooth: hci1 sending frame failed (-49)
[ 1366.492914] Bluetooth: hci0 command 0x1001 tx timeout
[ 1366.498393] Bluetooth: hci0 sending frame failed (-49)
[ 1366.652935] Bluetooth: hci2 command 0x1003 tx timeout
[ 1366.658708] Bluetooth: hci2 sending frame failed (-49)
[ 1368.412844] Bluetooth: hci1 command 0x1001 tx timeout
[ 1368.419358] Bluetooth: hci1 sending frame failed (-49)
[ 1368.572819] Bluetooth: hci0 command 0x1009 tx timeout
[ 1368.732828] Bluetooth: hci2 command 0x1001 tx timeout
[ 1368.732930] Bluetooth: hci2 sending frame failed (-49)
[ 1370.492668] Bluetooth: hci1 command 0x1009 tx timeout
[ 1370.812698] Bluetooth: hci2 command 0x1009 tx timeout
03:57:13 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x480202, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000240)='/dev/full\x00', 0x101402, 0x0)
ioctl$KDGKBMODE(r2, 0x4b44, &(0x7f0000000280))
accept$phonet_pipe(r1, &(0x7f0000000080), &(0x7f0000000140)=0x10)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:57:13 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:13 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:57:13 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="73697a653d378d6353cac445d0a9c5c83c44ac9ab8c16163c51b"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:57:13 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1372.559826] tmpfs: Bad value '7�cSÊÄEЩÅÈ<D¬š¸ÁacÅ' for mount option 'size'
[ 1372.735485] tmpfs: Bad value '7�cSÊÄEЩÅÈ<D¬š¸ÁacÅ' for mount option 'size'
03:57:14 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:57:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x16)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:57:14 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:15 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="73697a653d3757fd6d7e6f0c0bca6a17b62aa0ece46acbd6f9d4a94dc3beede1e95295dfc681eff4e5c7fc18cd9ceae26988791498bf9c296b149839f5a9b48da4df60ffda40e15e58636caebf88e25c879e52cc331d32eddec7c57abda41940f34edb357c3fdd58155188100016e3faa94128d04e020eabfc551abdb416b7390000"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r3=>0x0, <r4=>0x0})
ioctl$VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f00000002c0)={0x8, 0x6, 0x4, 0x85400116, 0x1f, {r3, r4/1000+30000}, {0x5, 0x2, 0x20, 0x1, 0x91, 0x1, "f8f87e6e"}, 0xffff, 0xc, @userptr=0xc27b, 0x7ff, 0x0, <r5=>r1})
write$binfmt_elf64(r5, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0xc, 0xf9, 0x1, 0x5, 0x2, 0x3, 0x9, 0xfe, 0x40, 0x4e, 0xffffffff, 0x6, 0x38, 0x2, 0x7fff, 0x1, 0x5}, [{0x60000000, 0x3ff, 0x7, 0x5, 0x6, 0x81, 0xff, 0x7f}], "0e9c797fd73a1d3efdbbfde1df6ac721fb9a67df9f88cfca19ded6598aa9a2b36f2f4efd6b7b0df80cd970ab301b0c88ed1c2588eacae5da77de670941f714802ad608832a961618d913", [[], []]}, 0x2c2)
ftruncate(r1, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x8080fffffffe)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0x0, 0x6}, &(0x7f00000000c0)=0xc)

03:57:15 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x17020}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@newchain={0x34, 0x64, 0x400, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0xe, 0xffe0}, {0xfff2, 0xd}, {0xb, 0x4}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x9, 0x1}}]}, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x20000000)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:57:15 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1374.489909] Bluetooth: Unknown HCI packet type 5e
[ 1374.495239] Bluetooth: Unknown HCI packet type 43
[ 1374.498818] tmpfs: Bad value '7Wým~oÊj¶* ìäjËÖùÔ©MþíáéR•ßÆ�ïôåÇüÍœêâiˆy˜¿œ)k˜9õ©´�¤ß`ÿÚ@á^Xcl®¿ˆâ\‡žRÌ32íÞÇÅz½¤@óNÛ5|?ÝXQˆ' for mount option 'size'
[ 1374.505525] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1374.530654] Bluetooth: Unknown HCI packet type 5e
[ 1374.567135] Bluetooth: Unknown HCI packet type 50
[ 1374.578387] Bluetooth: Unknown HCI packet type 5e
[ 1374.589577] Bluetooth: Unknown HCI packet type 40
[ 1374.610484] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[ 1374.665398] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=100 sclass=netlink_route_socket pig=19670 comm=syz-executor.5
[ 1374.679559] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
03:57:15 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000240)={'icmp\x00'}, &(0x7f0000000280)=0x1e)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r4, @ANYBLOB='\b\x00'])

03:57:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x1, 0x40000)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:57:15 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:15 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1375.146982] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1375.154299] Bluetooth: Unknown HCI packet type 5e
[ 1375.154305] Bluetooth: Unknown HCI packet type 5e
[ 1375.154312] Bluetooth: Unknown HCI packet type 43
[ 1375.159350] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1375.169591] Bluetooth: Unknown HCI packet type 5e
[ 1375.177686] Bluetooth: Unknown HCI packet type 43
[ 1375.195144] hfs: unable to parse mount options
[ 1375.203334] Bluetooth: Unknown HCI packet type 5e
[ 1375.220357] Bluetooth: Unknown HCI packet type 50
[ 1375.221064] Bluetooth: Unknown HCI packet type 50
[ 1375.237034] Bluetooth: Unknown HCI packet type 5e
03:57:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1375.248928] Bluetooth: Unknown HCI packet type 40
[ 1375.249854] Bluetooth: Unknown HCI packet type 5e
[ 1375.270596] Bluetooth: Unknown HCI packet type 40
[ 1375.278719] tmpfs: Bad value '7Wým~oÊj¶* ìäjËÖùÔ©MþíáéR•ßÆ�ïôåÇüÍœêâiˆy˜¿œ)k˜9õ©´�¤ß`ÿÚ@á^Xcl®¿ˆâ\‡žRÌ32íÞÇÅz½¤@óNÛ5|?ÝXQˆ' for mount option 'size'
03:57:15 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:15 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000380))
syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f00000000c0)='./file0\x00', 0xb52c, 0x3, &(0x7f0000000140)=[{&(0x7f0000000200)="a17e1744e450fb70571424c0161c17155683eef3e7425501e1812f5f8560839e8eb3c0e41f9c148594f4a3f585d511f08498abb0452c9f3701b33c85bbaa29692c8bdc1a723cf85192c27c5bca2f3cf5cfe181dd0c12684d245158d122b9fa8e754fe7aacafac46f31c75f9ae0690d38614944717b642a682bb0d35f6a9fb5ee3491f390f4e1d448f8d64e28a975b05addd3fcf5f6a8838c585a75aa902093a11ba2efba5cea81853d218524201f68ef1b4b0c4a9c9b711a963168bde04cecd05991bea1b1f5b559246a79f172baeb3b18cf4f16da0057e79fff1686", 0xdc, 0x5}, {&(0x7f0000000440)="bd2a10e2999361d50dbbab2e7bdbc8756f7071215317534faca5cf7a62da50c38a475aac5b6715c58864dd0947a4193c461d0bc365928a22b2d02d9b8f98afcdd94c969d387c63a41c84371b715a3374945ee30cea69f72c17ae25a9ca59a7da16077754431b8fac34032ad79df95c92b81c539497ae9fdf6cd60d182cd64a7615a591e596cefe80ffcf4992d2cb7823306709b6b98622e770e8305fd59b2aad5af38be7ecd7b5932b4814b8cbdc60b6e424b86326300695c5a96cf3dbe04b1807bdefdc6f400dcf8bdcef6c95462a9409d69ed936079d322b1b8dc5f7251f4c1b91ea825eacf9d1993b27dfeb2f898f56dd0f170d1c43879cfd0fcf79dec092e765a25fbbb9c6b0a34dc28d044627ca8e2de9812ca830db55e5f6c96c7997c5574fda38424eb2ba2e4c2e9f447cb8261c15f1fc60cb9763c3f3e0eb01537e89e87638184b53aeb0ab9d9a1276067617d61b44aa1e63526c27471a4e344b6ed2c398e0dfa1009c67f93a10f431531715809fb46f9e4b0ed741824906781b11a0760918c3ecacd35ff688ee236fb0c43d5e58fa93c618fd5d066053e720858b5c43cd7c8e4bad29186d45f921e46e46dbf28692c2e8a0143b4ed5717de456b87b29201d09f5e9ad6160f5e661c3bd6228241a253d00c198dff145d67de1e52ed45e049b0d0bfe6737139528c626416a91c880bc52ae0f80583b38f115147c22198337b1570fe46b6c3112ae6aad4ddbb68890e82fb8162e7040c3e164a8a636e22679ae6fbe4e2e55fb744de5e4b885e162f2c0f4cf74b7709b7a38fef9d53a59d711ca4b21ca4588d67ddf1b03d0a29563e9cd1fb84b6934cb63a1982199763341e6fddd3e80396027d375962afdc0de4234b933f7f54f490dc9b473ce8116a15ddb4c10d7b410963c1e8c90ab925857be82cd7d5576cf862f23247dbb1e7d9e89f4f633102abd19e23e7cc54154f920ba26d966f843d941c692efc47b8b485ce26adad6de784c493f78ad0e7740e871977cb5b4b894c819386d0e13370d3377cdb600bc0bff4198af3ad7a94959085e3c67ba54932ee6d72044f5fd6151efc5845467a92a64a2aba050f0bdf27532073e3c9ad888157a31169d058a4bf865e273786c586fc5e5ba4c2f2f77aad23b3fb9c553e5775c8159708939450b0304a1734d741fa1c84550acc35a232d82659136e729d8676551e186e64d59fac4638afa054989d97efb0c828ef0a6de496305612b682a866f5b8e451d9ce10fc1c3172d1d6dfc82a9b07e953b68f8ef86a833b64fd7acdb6e18d38a1c098de4291b41cef69b18d004267a24c9369a84313654b9cd9f14966397e561fc8cb110b026bcb89a057b6794aad37bd686201892a1c9fc97da7921ec4f8dcb887f262a88e15f7bb040a1618bf4bea126907dc3fc4b91cfc849c6d4095d48f80222f72ed5b64b2cb8f60502bd46531d1a66d96ba82ce24b161650493e9ff08112cdd414abf05b285c4590c13577da26fcfec847ae2189fd98b56d1a07a4d7ff23ac105cd8a79a4354d25ee3de9495ef984f60867594cd212f9f232e212081899ed96fa0509ce8c8e83f39bcd2d283f33451faa6d67aec1ae33401a007ef3bcf64f2984c142b8a7e0f9a2678b5c456029203809995a3250aee123c71391a4cf9cd3962ce2ae08044819af97620f6ee516a380d5e87bf7f2a9c1653633a39f2ddc5625834fb65783ab7abdd95cfc3bfb8d692b7aed18e69f172cefc70b6deb89c304a54a12e33ffa448a7b12d31838bac58182ab882e09fe2482e9518301123e2c6a44b9c419bd486c5fb5af192233f8675c8644b28f57172061eef48dbff0de50cdfe165b4050f4c26ecf4c89687de692e214515fc1c88d8dd10fe258a4eaf47340f36d67b25ef3ffd55c16d5ca05312d6ccf66a6537e302fea9668dc9b5b4d9e496b0b2753a182189d9ca87d1ccc1d1795bcbe5d258db2563c0c74e3603e821f9be9cf30bb9ed64873ba4c786c13c6affdb9c6a8754e54fd1f41283fa0e35df3cd70e849e3616737f0db304b68ac60f54f167e433bb16676e5a025ec8027dd49ec432d1c111b9857326f0d25e47bb80cd6c41a19800c6a3a2e1324df05e09dd55b7a27871e9bb865e6f51a6213473f405293adb4a61ea4e7cf4831f45050ea7b5e5fd54d4c3af967d61ff9a3fab36ed1961297dd29555a225da92bd8877843c1326d91472e4ae0c77818684f3af7be46c2df773077d01a6269f0ee118245366e9554bcef75c9838187f72891948f0d6d7b2d333210df5b789c42acacba4985634cdfbcb21b0639bf803ab24d31dd2cf3fbd0258df58862f38d9230927c14dd49f4e6f76d52e80376bf382fcc6112ae520c2064a1495b6861af556ac6c5dc15f171037751221983a2230d8f0178ffdcd2f9d5e84186b584512a23cd425371364e8c391b8811c84ffa6a716d5304cf6b125986a094bae2c9dba75c6f7c19a171f7266b856cd237fd63ec95ae71147619be0d551381b97f3a9999ae08ac06d2e412e67f764bbcaa66ce9756ba416345678dfc244841354ee4badd1c439d33188fc4f719524e34acf0c4d036f6280472f5acfcad5aaa2dbd520db74f23c62ac4cab2ec0ce25a606224a4dd7cd3f64a4d0ab7f130eceae973fe166ae98a29b3d2bb67a234e14cef593bbb3e3b5bced0b2a0e1f981923c093236abae84c8724e002deae2123b75deea4ac1c2da2b990052b7bf5e4646c935d065e4869180c4a75585ff55698817003d4b3dcdb63b24cc06f972c0d7b9dadf52396e389bda2a5cc69e164df4fd4bf318ce11fdd2a0da0e7098dc0b3a864105c41e7c06df64dd9196df070c28b76c23913b3d95e3c4cb9fd0516fb0fd140aab27350cb504c54f546279d73ef5aef6e320a72b74c9f9615877c8232954c2b1fd23115c6ecd334a79308f43c12930695cdd962719da323818eb2566890122e25a9ee72ed7f5060c08a248412714246945e62348f2c1b1371d6a052d5689c188791559e3ed1f71345734c85917c68e2925e2ebd426648d74dd12a4417a4a121a92398b89646a13e3371473d34f8ac8b086e9f9aeb406c40369fc46e0ca5942b345f94cb4c2a0ebbdde46c14d141b25cc92c961fddbaf332553a4b3011c88ab98e66bb5e7706a62e56e416a36528d99c4d10901c9a8eae91bf789ca99f67382e2c4561c4ba42e651cfedbba8db2f2a7e939193acdb4269bc5e03fe8db2770da00b78c02da92f0aa8a97a5d1c263385e36143ec9581a44064e4f314563bd274735bc6781d15f320c4ce28ec6545c44ecd47a4d2d8bcddc103809d452e8da71cdfb4c26a94d7379564be98ae25bc20e6df51a4802c3b476661a72126055a63a95ede8807fbcf6fb7db819f17cebacdcd58e32efd3f14aa750e489beb2c48d5007c3781a9db8e06a01b08d6ce7ab5adc8846c792fe5bb06a8228563cb16070aa34f67de8f7a0fde7dceec834bf32fdbcb3b3256a9e2a31a6a735fad90eb28df1061f3080dfdcd755d8f6f80f1c65460dd58af22226f422dc2933a81f3363c7e4c9a2f707a4b04e715d272c2574acac31e961cd1f27df25dfb7756fa69b18c409bbedc9aefdb15f44eb431b762f3e44af87ea4e02c9c090ce1566818128a2aa2d032d885d9d01f3e46e6314ed579368aa633a4e8a897fa3f00c0acd8b5ac19ee295e29898c9245b22a9b1ced8db5f0181ede19c77543f314844e62c3afaa348d609192c4f44c7d889c5ca8cfbf99f4b5531890e8fbbe486e06cc63fe214a6406f8ec2a1443c32ce7de1ca2518f283fdcdb964a10e31b78312a21aaba2d360ac8dbee2e5aeb1d650b6669acaae8dd884a5037adca131ea62af2efa48cd5205bccf453cc87f5e8b39a2eafe6ac33226891c2a3bf21c54f63154dab6199c4096af581867c47dab8b5e36bf60481bf272ee90a5508cf0b668b70274c71363163f05eee52f6b19c3fa80018d95bc20f3af23f9c64ea72b9cc950827a3ef7de774bc6e0387e4603fa3a3af3b373b7fbc77b2043e1e4369a2745fcdd0065ecdf875e06fb9d37905ac62d9e090cfae678091db436cbdf0bd3668d5af6e899e1b7a402cfeb92a57daf51f72fdbc2dc9c0dfd6ddba71c2d47f5a76f0beed8150bd25fa6c6828aedf080610b16833d5f54f63670fb2d44091fdecffa0edeb5fbae77f1cd05bbc9058b5a5bb530e96e8b959dfea56f1a82c92ae862764cc6d0e8bd2af434132a92fc0b5c6e28e5e06738fbc5a8fed2824d781c9c7099229a9764bd2d87cf8680df92469fc5456033156812f137ab63379edffab2d95be5e05f15ad098c631d1387234984a1b45093f13cfbd29603ebb9921a99f933f5a13747786ecae371a03a08f6df76f8642f2989624e0433bd499c7b3a906cf81d1664375b82eb5f8f6ff9e6e8fbeb5a65b74a042c8b618c239ff06d6a46c839ec0d557e7c917180dd177024957df984c5d2463a040010f5f8a257c5d0b8377ff2b54542546db4a0a78adec4948ae507ab436a41ecf26365c85139ccc9687a0014fb229dfadabfb7c563811fec91d8f32b2cb89084c489d7035ee39d557cef998cfd75df8ab68031477b7823af187fb04af012916dd4b6ca4f8954b3a18bb740e51952a6971b106bf95e6154febc48df3f171464bc8dafb1758d3ff570a088475868024db11af651e429221a748ebc893a124c7b29b42ae21118209e63c47b6f14637f8e49fa5de852d320f66a89f8847da89c25a23ba0f16c8dca65fb03346d39c909df930e9eaad31562043fa84bf84653c5c48f77856e4e10054a63e9b24411783c11179f91908212852fc8741ab2c9fd8aeb3aad9520b4c6ddbecbb11ac2d5584c7531d2875cbcd8ead60bd4a271aae678b90a50253fd0eb6cb2fb3ea23af47853c03ecc79c17cb3ee615d243ea79e1df81d7472e3dd7c0c3f501bb008564e121552723c788ca6eef1891b04ded6c968c0527b98b3fe0cee97a57ba4bfdebc29c827ad30346d80d20432a431ecb2676856b20b9d51815716a26a64cd8c42de1dcd0003347f7cb731564570cafc4d7841c69de34f099bb0feabeb456ce122d5f0e3353844b86f053bbb2c99c0329454f4caa87a0fa34cbae5209902f70a81b7084ff0d2dfc36077fd6d5cbc8ad879cd7cde61f284363a0e0aa4420ef27197de26b2db6188f3e88b61a73883e88b6694a579691cfa35a57c4bb49fb9b1b80063f134f35a058116c0eedfd49e32b98ef20ed1aec3460644965944157678dcbf880f1dc44bf5bfb49fdac255bed69917e24e8c705b9048ad516d1158b8156e2aa4e39c64bef603c0e4ec20c4de0534ce28845c19528332612f0ea4c2314274c19c0eab24b030396b78ebb33c2050ac5b22266bb52a00a5fcbeba9eddab2e31f1ad89f6519cbb5516f4e8368f0c4dc0a76f96ae41d48d0b82dbaaceabc26064793afe1151547370511739225b03b51d2c22e8924119ef1f07e859ef5ca8410117bdb79b61c38a7b9cab2c3a1f555bd63998cb6cfc7e828138fdb7f2edfd34d230d1dfba8f7ce8d62a53202528c0bb8babba2aa1dc9f9c7b1500bbf00afd0f579fca1433b3636ad28878ad321f29a24625b8f016e73f0b06fd948b54dae7c2aff347fbee64ad51e0e95a085d73cdc26113134dc3ad4bc153fdc4a515363f612aaa801e5fa40fed30dacfd68cd9ccd2d828283fded7124416c887c2aafc85e8c81a1665099dfbe9efff4a09e4b0a6e3c41fb804c7b574e5601a56e59eae6ac28b90d375f6aa81a3c212b0ad2bfc01e9d5c01fa5977ac48088c1232438424f04940", 0x1000, 0x5}, {&(0x7f0000001440)="9b261cd33d9b091472dd20b408cea08618d4faede9dffb393d955fb103f814e4c9fd9ec9c938e95037880047996ff151bc2b34d96aeecd19eb45765db7020fe0f486a43fd73b8f9725a72a86dadde86849728ff1b6a95b1ee51acad5fda2147fb7040cbd899db3fa3bc8494bcbdc306a79d7d993645162433fd3df8f0f9c6f26b7efb01e80155b03c6d60265de0e8e38beef40e4a5c763f6a4f49c62935364fb9ef5f7bdda92ecac7cf4009877c9e3592bd267476469b84e34c196d3338ec935ae7b76797392f3f67ca28e813ccd3f23", 0xd0, 0x1f}], 0x2a18030, &(0x7f0000000300)='*\'\x00')
ftruncate(r1, 0x9)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1376.492072] Bluetooth: hci0 command 0x1003 tx timeout
[ 1376.497413] Bluetooth: hci0 sending frame failed (-49)
[ 1377.212020] Bluetooth: hci1 command 0x1003 tx timeout
[ 1377.217342] Bluetooth: hci2 command 0x1003 tx timeout
[ 1377.217378] Bluetooth: hci1 sending frame failed (-49)
[ 1377.224323] Bluetooth: hci2 sending frame failed (-49)
[ 1378.572021] Bluetooth: hci0 command 0x1001 tx timeout
[ 1378.577357] Bluetooth: hci0 sending frame failed (-49)
[ 1379.291965] Bluetooth: hci1 command 0x1001 tx timeout
[ 1379.291969] Bluetooth: hci2 command 0x1001 tx timeout
[ 1379.292049] Bluetooth: hci2 sending frame failed (-49)
[ 1379.297262] Bluetooth: hci1 sending frame failed (-49)
[ 1380.651880] Bluetooth: hci0 command 0x1009 tx timeout
[ 1381.371827] Bluetooth: hci2 command 0x1009 tx timeout
[ 1381.371854] Bluetooth: hci1 command 0x1009 tx timeout
03:57:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f00000000c0)={0x3, 0x9, 0xe000, 0x1ef5})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:57:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1384.700510] Bluetooth: Unknown HCI packet type 5e
[ 1384.710538] Bluetooth: Unknown HCI packet type 43
[ 1384.722229] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1384.738672] Bluetooth: Unknown HCI packet type 5e
[ 1384.758158] Bluetooth: Unknown HCI packet type 50
[ 1384.764838] Bluetooth: Unknown HCI packet type 5e
[ 1384.770043] Bluetooth: Unknown HCI packet type 40
03:57:25 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240)='batadv\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x44}}, 0x0)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x4c, r5, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x4c}}, 0x0)

03:57:25 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="ce066cca1f0a52cb0037ac751925488895bc5d0e2d266255c57042387eda5935b2171d8751ddf151766ea81ca5b8ea9634979b631e1e1cf4571f5ec0e7e8a9566c4b5998241a503e237a45fae924ee1146755aad74aa6184e29a7dfd23fce3fe084dc94eefafc821239eed53328eda2044af93494982227b005d27f78dd7087d72515dfea4ca7d0151535ba135b91658ab2398d06d67942cec02bc3a9a91dac56c22e0de68c2d2eb2360e1148a62d2d1d3d2d4a3a9287d0f0dcba9c3a85284b840497432"])
r0 = open(&(0x7f0000000100)='./bus\x00', 0x100, 0x10)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x400, 0x146)
r2 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0)
ioctl$NBD_SET_BLKSIZE(r2, 0xab01, 0x1000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000300)=@gcm_256={{0x303}, "7efc0c55c346a302", "986320c76339f3c73d922bec611d98eac0781c9d6051dc5875154f46babe8d9e", "78c35762", "eb1170eab38c2cfe"}, 0x38)
sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="881a6ccac5", @ANYRES16=r4, @ANYBLOB="10002cbd70000000000010000000"], 0x3}, 0x1, 0x0, 0x0, 0x1}, 0x24040800)
sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)={0x88, r4, 0x2, 0x70bd2d, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x80}]}, @IPVS_CMD_ATTR_DEST={0x60, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8000}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x800}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@local}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x80005}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7fffffff}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x4}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfcc7}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xf0ed}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000}, 0x4040)
fchdir(r0)
r5 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
ftruncate(r5, 0x4)
r6 = socket(0x10, 0x803, 0x7)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_rose_SIOCRSCLRRT(r6, 0x89e4)
ioctl$VIDIOC_SUBDEV_G_FMT(0xffffffffffffffff, 0xc0585604, &(0x7f0000000380)={0x0, 0x0, {0x7fffffff, 0x2, 0x2004, 0x9, 0x4, 0x7, 0x0, 0x5}})
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r7, r7, 0x0, 0x8080fffffffe)

03:57:25 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:25 executing program 3:
socket$nl_crypto(0x10, 0x3, 0x15)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:57:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1385.393070] tmpfs: No value for mount option 'ÎlÊ
[ 1385.393070] RË'
[ 1385.395254] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1385.400043] Bluetooth: Unknown HCI packet type 5e
[ 1385.412606] Bluetooth: Unknown HCI packet type 43
[ 1385.429748] Bluetooth: Unknown HCI packet type 5e
[ 1385.432424] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
03:57:26 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1385.447351] Bluetooth: Unknown HCI packet type 5e
[ 1385.454591] Bluetooth: Unknown HCI packet type 43
[ 1385.457333] Bluetooth: Unknown HCI packet type 50
[ 1385.472634] Bluetooth: Unknown HCI packet type 5e
[ 1385.480768] hfs: gid requires an argument
[ 1385.487440] Bluetooth: Unknown HCI packet type 5e
[ 1385.494117] Bluetooth: Unknown HCI packet type 50
[ 1385.500252] hfs: unable to parse mount options
[ 1385.510582] Bluetooth: Unknown HCI packet type 5e
[ 1385.512152] tmpfs: No value for mount option 'ÎlÊ
[ 1385.512152] RË'
[ 1385.518027] Bluetooth: Unknown HCI packet type 40
03:57:26 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1385.543919] Bluetooth: Unknown HCI packet type 40
[ 1385.559183] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[ 1385.590764] audit: type=1804 audit(1586318246.142:184): pid=19811 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/147/bus" dev="sda1" ino=16195 res=1
03:57:26 executing program 2:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x202200, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})
write$FUSE_ATTR(r0, &(0x7f0000000200)={0x78, 0xfffffffffffffff5, 0x5, {0x4, 0x7, 0x0, {0x1, 0x8, 0x8001, 0xffffffffffff0001, 0x9, 0x1, 0xc6, 0x7, 0xbff5, 0x4, 0xffffffff, r1, r3, 0x0, 0x9}}}, 0x78)
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r4 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r4)
r5 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r5, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x8080fffffffe)

[ 1385.648243] audit: type=1804 audit(1586318246.172:185): pid=19811 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/147/bus" dev="sda1" ino=16195 res=1
[ 1385.723717] hfs: gid requires an argument
[ 1385.727933] hfs: unable to parse mount options
[ 1385.809589] hfs: gid requires an argument
[ 1385.819032] hfs: unable to parse mount options
[ 1386.731377] Bluetooth: hci0 command 0x1003 tx timeout
[ 1386.736707] Bluetooth: hci0 sending frame failed (-49)
[ 1387.451259] Bluetooth: hci2 command 0x1003 tx timeout
[ 1387.451263] Bluetooth: hci1 command 0x1003 tx timeout
[ 1387.451346] Bluetooth: hci1 sending frame failed (-49)
[ 1387.456654] Bluetooth: hci2 sending frame failed (-49)
[ 1388.811287] Bluetooth: hci0 command 0x1001 tx timeout
[ 1388.816696] Bluetooth: hci0 sending frame failed (-49)
[ 1389.531121] Bluetooth: hci2 command 0x1001 tx timeout
[ 1389.531147] Bluetooth: hci1 command 0x1001 tx timeout
[ 1389.536433] Bluetooth: hci2 sending frame failed (-49)
[ 1389.547761] Bluetooth: hci1 sending frame failed (-49)
[ 1390.891216] Bluetooth: hci0 command 0x1009 tx timeout
[ 1391.621003] Bluetooth: hci1 command 0x1009 tx timeout
[ 1391.626270] Bluetooth: hci2 command 0x1009 tx timeout
03:57:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$TCSETXW(r0, 0x5435, &(0x7f0000000040)={0x6, 0x7fff, [0xfff7, 0x3, 0x2, 0x12]})
r1 = semget(0x1, 0x2, 0x165)
semctl$IPC_RMID(r1, 0x0, 0x0)

03:57:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1394.953708] Bluetooth: Unknown HCI packet type 5e
[ 1394.958860] Bluetooth: Unknown HCI packet type 43
[ 1394.967658] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1394.980335] Bluetooth: Unknown HCI packet type 5e
[ 1394.992501] Bluetooth: Unknown HCI packet type 50
[ 1394.997476] Bluetooth: Unknown HCI packet type 5e
[ 1395.003879] Bluetooth: Unknown HCI packet type 40
03:57:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:36 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:36 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="7b697a653d37c055d85b0d2ef30c8b3c0f965bb25c7cfb7c7b9ae98d510d673a4a5690740dcb340a651b883ada8dc09a85ad365716cd8f2465321b7ca26ccc6efaeab3411f7f5ade168fb8351172f72d71de3754420bbddd0d65325ddf71c20a135970cfff5e6d8d69050fbf644b3caed34e07ee822a831ff25be80fe924117812"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_inet_udp_SIOCINQ(r6, 0x541b, &(0x7f00000000c0))
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r3)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:57:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000300)='/dev/cachefiles\x00', 0x4101, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r4, 0x800442d2, &(0x7f0000000380)={0x1, &(0x7f0000000340)=[{0x0, 0x0, 0x0, @multicast}]})
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r5, 0x0, 0x8400fffffffa)
ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f00000002c0)={0x3ff, 0x3, 0x4, 0x7fffffff, 0x1, "9b12f22ee01df792fdb52c2dc319ea5697f7b5", 0x2bb, 0xfffffff8})
sendmsg$NL80211_CMD_DEL_MPATH(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000228bd7000fbdbdf25180000000c0099000900000004000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000129bd7000fbdbdf25200000000c0099004000000000000000080001000200000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900020000000300000008000300", @ANYRES32=0x0, @ANYBLOB="089c3f5c", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=0x0, @ANYBLOB="0c009900e80a000004000000"], 0x60}}, 0xc0d0)

[ 1395.644685] tmpfs: Bad mount option {ize
03:57:36 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1395.679243] Bluetooth: Unknown HCI packet type 5e
[ 1395.684688] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1395.711316] Bluetooth: Unknown HCI packet type 43
[ 1395.737588] audit: type=1804 audit(1586318256.293:186): pid=19889 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/229/bus" dev="sda1" ino=15905 res=1
[ 1395.746555] Bluetooth: Unknown HCI packet type 5e
[ 1395.774127] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
03:57:36 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1395.793765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=19899 comm=syz-executor.3
[ 1395.802098] Bluetooth: Unknown HCI packet type 50
03:57:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1395.865283] Bluetooth: Unknown HCI packet type 5e
[ 1395.898993] Bluetooth: Unknown HCI packet type 40
03:57:36 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1395.989223] tmpfs: Bad mount option {ize
[ 1396.970686] Bluetooth: hci0 command 0x1003 tx timeout
[ 1396.976130] Bluetooth: hci0 sending frame failed (-49)
[ 1397.690496] Bluetooth: hci1 command 0x1003 tx timeout
[ 1397.695831] Bluetooth: hci1 sending frame failed (-49)
[ 1399.050453] Bluetooth: hci0 command 0x1001 tx timeout
[ 1399.055836] Bluetooth: hci0 sending frame failed (-49)
[ 1399.770446] Bluetooth: hci1 command 0x1001 tx timeout
[ 1399.775799] Bluetooth: hci1 sending frame failed (-49)
[ 1401.140277] Bluetooth: hci0 command 0x1009 tx timeout
[ 1401.850281] Bluetooth: hci1 command 0x1009 tx timeout
03:57:45 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
fcntl$setpipe(r0, 0x407, 0x5)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0xa0002, 0x0)
write$sndseq(r1, &(0x7f0000000080)=[{0x10081, 0x6, 0x0, 0x0, @tick, {}, {}, @quote}], 0x1c)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$BLKROSET(r3, 0x125d, &(0x7f0000000040)=0x8)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000000c0)={0x0, 0x9, 0x4, 0x0, 0x7, {}, {0x3, 0x1, 0x6, 0xfa, 0x2, 0x29, "0faf6b9b"}, 0x3f, 0x2, @offset=0xf9, 0xfff, 0x0, <r4=>0xffffffffffffffff})
ioctl$SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000140)=0x8)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:57:45 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:45 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000003b650f97c6b4147bac832d67bb49f1e452bac8baae92adabc9b00f6a0262a0b4a15efb0ba4c6a1898477def7811670124ec69cd1086909304a3eb03a0afee96b0170693d2c53e94ddc2fae6f50f31cf6672653e010eddbe27f25b2418144893e6293bf3b9e5f9e5b958c7933111c2d67888d2bbed0c177a621c59db1f3f4d07e65c7ec330ceabe12576f69065756b111"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000))
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$UI_SET_ABSBIT(r3, 0x40045567, 0x4)

03:57:45 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x800)
ioctl$SIOCAX25ADDUID(r1, 0x89e1, &(0x7f0000000300)={0x3, @default, r2})
socket(0x10, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000480)=0x1, 0x4)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000000)={<r4=>0x0})
ioctl$DRM_IOCTL_NEW_CTX(0xffffffffffffffff, 0x40086425, &(0x7f0000000000)={r4})
ioctl$DRM_IOCTL_RM_CTX(0xffffffffffffffff, 0xc0086421, &(0x7f0000000100)={r4, 0x2})
ioctl$DRM_IOCTL_UNLOCK(r3, 0x4008642b, &(0x7f0000000400)={r4, 0x1})
lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0xffff7ffffffffffe, 0x45, 0x0, 0x0, &(0x7f00000011c0))

[ 1405.189037] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1405.196172] Bluetooth: Unknown HCI packet type 5e
[ 1405.201249] Bluetooth: Unknown HCI packet type 43
[ 1405.217992] audit: type=1804 audit(1586318265.764:187): pid=19944 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/154/bus" dev="sda1" ino=16129 res=1
[ 1405.250259] Bluetooth: Unknown HCI packet type 5e
[ 1405.281230] Bluetooth: Unknown HCI packet type 50
[ 1405.305926] Bluetooth: Unknown HCI packet type 5e
[ 1405.316760] Bluetooth: Unknown HCI packet type 40
03:57:46 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:46 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x8400fffffffa)
ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000140)={0x3, 'tunl0\x00', {0xcf9}, 0x1167})
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={<r5=>r4})
write$binfmt_script(r5, &(0x7f0000000780)=ANY=[@ANYBLOB="2321202e2f627573202a76626f786e6574312d70726f63270a835f78e96b36ff07e2202cd362274252d8d30d0caae0c49069139274741d29d52658ee2ed60f1317a85bceed489f7b6c66907a51b986f27e55b9179334d26cd6716eea5dbd3fa6c067283c391796e61eaa7d6075943aec9e1d52ff3b6ebc30eaafbf9b268bb297ba3bbe4b1ec34a7892a6dd399f5e060ebb295a3ba08a87d6113f491faa0dbdd6e6fefeae807be9ec19b5290bf80ac08231a92115fdc613608334edf37f51d08fd4d074fca724af85e00f86cb52940b12bca84c8530771ede7da10c77bbb630c2b6bca93bf662cb44e6e7267250f1edb564e3eca82e5309734ca36106ad551e1addb9434e0640a56fd9f1344a9cc1343538b14ec7c0b316c49046069405cda0db20c74ef80000000000000000000000000000000067ea55dac24e4bd1f1105df64db3cbe0881c0e9d90a4647ced0472283c168e16ddb2899a20d75711ca686946fce89dc97d67b483e8b82b47f8732fe6550ac3df02d266ecb733ee14a9e8206b1f8682f4c9c1aaa1abfcff83ac004c8925c95c0847a897043b2ba1d8df117831f6b506c0a6be5e448488bd08f7d2335ff55c971967a0bfa147ff1ac3d2c2b6acc6730a5b9fc308e4247de778317bc77b099a985e24c18a9b4af602e9bae66664cfe2dc13762a28ff955ea35081c79fd6d15c910bc24a8c41eca5bcbce16496ad6828eae60bdb834b442e49260168be4ba28afea4929dfc4ba26294f8dc080c31ac0838d45cd5b5b667ac60c2bacfb2ff11f8554d31200717d28d2d665d263505a6393d10adc9f1245ae408b9b9c53bfb6a"], 0xdf)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$TIOCGSERIAL(r4, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/242})

03:57:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:46 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:46 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x4)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = accept$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000140)=0x14)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x6, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendfile(r6, r5, 0x0, 0x4000808100000003)

03:57:46 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB], 0x2a)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1406.010454] audit: type=1804 audit(1586318266.564:188): pid=19974 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/154/bus" dev="sda1" ino=16129 res=1
[ 1406.188624] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1406.295988] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1406.468953] audit: type=1804 audit(1586318267.014:189): pid=19944 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/154/bus" dev="sda1" ino=16129 res=1
03:57:47 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc2"], 0x67)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:47 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
connect$nfc_raw(r4, &(0x7f00000000c0)={0x27, 0x0, 0x0, 0x6}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x20, 0x10, 0x581, 0x70bd2d}, 0x20}}, 0x0)
fchdir(r0)
r5 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyprintk\x00', 0x2, 0x0)
ftruncate(r5, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x7)

03:57:47 executing program 5:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000040)=0xf)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x4033)
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x80040, 0x0)
r1 = socket$inet(0x2, 0x4000000805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = dup3(r1, r2, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r3, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r2, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r4=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x6c, &(0x7f000059aff8)={r4}, &(0x7f000034f000)=0x2059b000)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/stat\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0xfffffc00, 0x6, 0x1, 'queue0\x00', 0x8000})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r4, 0x63}, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={r4, @in6={{0xa, 0x4e22, 0x6, @mcast2}}, 0x591, 0x4}, &(0x7f0000000200)=0x90)
r6 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x5, 0x92000)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f00000000c0)={0x3, r6})

03:57:47 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc2"], 0x67)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1406.587869] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1407.128021] Bluetooth: Unknown HCI packet type 5e
[ 1407.128087] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1407.133199] Bluetooth: Unknown HCI packet type 43
[ 1407.154830] audit: type=1804 audit(1586318267.704:190): pid=20030 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/230/bus" dev="sda1" ino=16001 res=1
[ 1407.185182] Bluetooth: Unknown HCI packet type 5e
[ 1407.202601] Bluetooth: Unknown HCI packet type 50
[ 1407.209306] Bluetooth: Unknown HCI packet type 5e
[ 1407.214725] Bluetooth: hci0 command 0x1003 tx timeout
[ 1407.225064] Bluetooth: hci0 sending frame failed (-49)
[ 1407.232537] Bluetooth: Unknown HCI packet type 40
[ 1407.929780] Bluetooth: hci1 command 0x1003 tx timeout
[ 1407.935353] Bluetooth: hci1 sending frame failed (-49)
[ 1409.129670] Bluetooth: hci2 command 0x1003 tx timeout
[ 1409.136109] Bluetooth: hci2 sending frame failed (-49)
[ 1409.289665] Bluetooth: hci0 command 0x1001 tx timeout
[ 1409.294981] Bluetooth: hci0 sending frame failed (-49)
[ 1410.009646] Bluetooth: hci1 command 0x1001 tx timeout
[ 1410.014982] Bluetooth: hci1 sending frame failed (-49)
[ 1411.209686] Bluetooth: hci2 command 0x1001 tx timeout
[ 1411.215075] Bluetooth: hci2 sending frame failed (-49)
[ 1411.369538] Bluetooth: hci0 command 0x1009 tx timeout
[ 1412.089482] Bluetooth: hci1 command 0x1009 tx timeout
[ 1413.289461] Bluetooth: hci2 command 0x1009 tx timeout
03:57:55 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc2"], 0x67)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:55 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$inet(0x2, 0x4000000805, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = dup3(r2, r3, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r4, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r3, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r5=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r4, 0x84, 0x6c, &(0x7f000059aff8)={r5}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r5, 0x63}, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={r5, 0x2c, &(0x7f00000000c0)=[@in={0x2, 0x4e23, @broadcast}, @in6={0xa, 0x4e23, 0x8895, @empty, 0xffff9541}]}, &(0x7f0000000140)=0x10)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:57:55 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7348a4fa0500950a1c34950638c76f91054f123cc09f3cc709925db22b883501389b10059f6e6917637aa6"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
pwritev(r1, &(0x7f0000000380)=[{&(0x7f0000000140)="4120e979ea93245e45a2886ac891a511637f2f313c7d2deb8114d7d90b74e93315d168e8c596cd4575418cc65920677d94ad1fcdf6b8ee44aedc0931f8e0c075c2d4b1586aaea9673f9f1eec9987d1fdc7a9fa8d57bdfa50", 0x58}, {&(0x7f0000000200)="26c86217f0fc45e344c5812772b69295e83bba0ba105fbf0273b9492ad1707288792bea9527bf3add5fe30c8e89bd99aa7ce1258c38ce7f1dc4fbe19afb97ab5be6618fad69f0dac42e80461d4100aef229359aaef024be4570f70f12134e01239de26d8ae3d05dc06c16a5b53551d7c835545ff93b67118c39742cc61cbe5d3e6a7d790b5e47c8b4ccf7ed17bfb8b3fd15c423ac2364b4e08f9", 0x9a}, {&(0x7f0000000440)="f6a0ac99d6d1f77ab264d4ae3a7bf9f27aa2482d7aa73f1626c1d714b0177d85e46e25d0bbba4e00b41af2067ef5e9ce9a076c6513140040cfd66552bcb8eba78191fa6a8479387ce58e6b0b166bcfeb81439dd255296632aa71493c3ee25c35f3af9e2b6568f9299cebaa5ea3667ec7b872c564394d22a6bc5be629f9e789920ac494a1023fdea2e23cfdaf787920202f0f8d33b18c3c35e29338ab2e9767d989c6a1693750813146ee85cbf9e93aaac135f39775e8ad0cbb31e4fa9695c19868514c70e5da7031e8964b83e733de091130f7689a71d41c717fe184b64f5fec34c8a5f5f9501a2c5ef59a5d97e5bcd0b63000f63a04d8edd201b2c3aaa1", 0xfe}, {&(0x7f0000000540)="303f732152c7e68819132fcb3a0c7b2debc2c7b1a173aae803c0c7ed548f460d8d84be50a729f7f493c0c93c89097a01112a77930515227cde5d8a478902ee59f886f5c6f9a9521ca6121bed19fd6a3fc06ad9c82ecf3ce2a0a71f1deede72357dda3a8a0f82a75293ea33cf6240a1d87b1966bc0a7a5da9cb1ce6dcd05100db8f4bd0d8238037782444abbfc72cffd3968aeec26abd724f0109f36766bdcefd384086137201ff0a94eba25ad7ffa679a8b33af0094d49db417bdd88f43a3acf5b5cbcfa8dd9", 0xc6}, {&(0x7f0000000640)="75aa7cbd08772bfd39882bf07b762dd9bd87187ae0f5113ab88a2644c3500f1e55e0b57f38fbc5ce6f74085213a71450d1e91cb195764b6cef670e35da77fb7f439bc70b752312b552d2cdcb41ca316d70239fbc5c405b3f24a1ee8a4fb1afc509813148a7e5648a10d9044f3ae0680d57580c08ead460d4f7d24f23bafa9f082b2c091905fd7a99c9e33800bbdf9e6aaf0bba0617f30bec5940abbfa982", 0x9e}, {&(0x7f00000002c0)="e29a16e059157eab54e1c925a9692aa89b4b4de82510fe4cd5210b0a2e779bd29bdbc69eec0747f55ee4d963500edd770063ab6fae90ce010f67fbe7a201bb0d205f37523f129a0b96b07aa4ac71", 0x4e}], 0x6, 0xff)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000700)={0x5, @sliced={0x6, [0x200, 0x200, 0x7, 0x0, 0x7, 0x1f, 0xfff9, 0x747f, 0x4, 0x9, 0x400, 0x200, 0x0, 0xb9, 0x2, 0x401, 0x632, 0x69, 0x8001, 0x1f, 0xa7a, 0xbf8, 0x7f, 0x0, 0xffff, 0x40, 0x1, 0x2, 0x4, 0x8, 0x3, 0x46, 0x4, 0x5, 0x1, 0xffff, 0x3, 0x400, 0x9, 0x2, 0x6, 0x9, 0x400, 0x1000, 0x1, 0x6, 0x100, 0x4bc5]}})
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1415.430535] tmpfs: No value for mount option 'sH¤ú'
[ 1415.541186] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1415.577927] Bluetooth: Unknown HCI packet type 5e
[ 1415.583162] Bluetooth: Unknown HCI packet type 43
[ 1415.588448] Bluetooth: Unknown HCI packet type 5e
[ 1415.600792] Bluetooth: Unknown HCI packet type 50
[ 1415.605859] Bluetooth: Unknown HCI packet type 5e
[ 1415.619769] Bluetooth: Unknown HCI packet type 40
[ 1415.624675] tmpfs: No value for mount option 'sH¤ú'
03:57:57 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53"], 0x85)
fallocate(r0, 0x8, 0x0, 0x8000)

03:57:57 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x13)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r5 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r6 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="f9b581803575378c954fb7aebedfd33d0c486c0b619775548afc4379887c2c496a21eed85775031b5b9910c3c7fa9c25d46aa5aa18f72c3d4fd2a6c44834f712f99cf2c38f0b9502a83b2718c9dee01fd009931e8810e6fd57a144", @ANYRESHEX=r7, @ANYBLOB=',\x00'])
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r7}}]})

03:57:57 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='ije\\7\x00'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80300, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcsa\x00', 0xc441, 0x0)
symlink(&(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='./file0\x00')
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f0000000440)={{0x0, 0x0, 0x80}})
ioctl$TIOCGSID(r3, 0x5429, &(0x7f00000000c0))
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:57:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

03:57:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000700)={0x0, 0x0, 0x2, 0x4, 0x1a5, &(0x7f0000000300)="8ea32433bda86540d6738684b96edc43b515a8ac8861015e15ac8f77434c9f4bb256c06a983dce748611c050c0c1209dd29cd14eba9aba7d0c5af946ca7fb2e948fad7ae7cb08ec0572ad56da69f8e73a693a2d207506936dc30b6eb178956278e19796770e41d9e394fb13215a605707ea92d2ac9fc01744cf013b7460e6cbdbf2ad0135a9078c20b1822d4ae78da7ab37b1948efc26105987c76eff356a5807f1dcd6d58dfb8caa526db69c82a63479bfbce2fed2934ad684eccb1223595e6b14a963b1221a8f010772a1f33c6ac44043737baec1322e8000650b2e09f719bd1998849eb8a3a41b1c37b5c715cab293dedad646d2f81ce65f0c64b30efa2eed0cb3bc0f821f2f4d1db1fa81f3b87761ac17252db29416a75d21e327476761cc986144757d1fbcae5d3d0830a5834547075fb1db3da74a165be681f8389a4ce18ad2fef23f322b024cf6e1bbcd56991e5f2454bb464d4bcb329ad14ea76f02de56ad91202aff0f923c6cbbdc52bedd54ae3cc40f8d9fbd717f54398bf0ca978eb4e0977efd117f560cbf7e1513152055affedaf4c74a48b5f324edb9ccd873919dc915ff2a35a88bce4a5ba91d85ef74a396f01c453e469728d989b58029dab486a1385d86caed7d979492b990aeacb79a4a5ce8e2cb0163459e1f6e9f30db45ce60b4a6b70bd355692146685206cc842c0f8c86db35583eec0fff394ceae41c941e8e78b187e0ce8a2eed5ce130b693274e4010289c64471874a19dafec54c61eaab88bfe52cd96e742252fa63f0cadfd7005006d50267fb1760011dc46fdfc7594e9330f0163d3afc7d5fc91ad041753ded5cebc79b086c8f885fa9bf35f835092502f419a4ab3039ad6682c7b9a6428e176274040d05a6b33e0e096576a02b0b4e647ec74e81e9d845035ae0a97b14bd9cc312aa4e24505912c161031a9aff32ae6a60db34fbb635a0f47a2b412ecdbcaf99af5bda36b973cfbd44e700ec10c3a0dfe5e1f11db923c0ae415d731b557595dc81dae0fbc8ec318f3a06c7a9f64ab8ff5f06efbc2f562e906fc46dc02f762ffb0ccc7556b1cc8208bd2aa1ece50f2e51a7257dfba9c929c81ef816493d9770d510c0c5e65bb454100a64fabdb4c9aff723ab7ad6bb9ca67ee08642ca8399a5989be2ce2ddfbe2602f26bffc2646820ecdb4016b42a7673d25dc8eeadcd75bebbc3b2be7c2e0047ae4e6c09a10db0fde57ddebc6de48b38a79b313650baa85b012c36841a7d4e6c22dcf9e4832c57d56f336fcef2d9763748663eb9e6152628013ef268b44052f7c98dffaec22944acbfb7355b73f4be75ce96cb95008d457d63cf3497e72563498a6b6b582798a7cfb1489f54fefd853095e832bc4ad0dc0499b9e0b90913fcbc7fbaead65e6a5eed84ae99cf41c6bfce82c18c0c21a8e4fa047403924eee7d32ca5ef7fe87"})
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140)='nl80211\x00')
sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00022abd7000ffdbdf2545000025550008000100ffff07000000010004000000"], 0x24}, 0x1, 0x0, 0x0, 0x4020}, 0x80)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1417.346581] tmpfs: No value for mount option 'ije\7'
03:57:57 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53"], 0x85)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1417.375217] audit: type=1804 audit(1586318277.925:191): pid=20083 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/350/bus" dev="sda1" ino=16103 res=1
[ 1417.490513] hfs: unable to parse mount options
[ 1417.531643] hfs: gid requires an argument
[ 1417.535860] hfs: unable to parse mount options
03:57:58 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53"], 0x85)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1417.582505] tmpfs: No value for mount option 'ije\7'
[ 1417.614502] Bluetooth: hci0 command 0x1003 tx timeout
[ 1417.620367] Bluetooth: hci0 sending frame failed (-49)
03:57:58 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)=@random={'os2.', '\x00'}, &(0x7f0000000200)=""/132, 0x84)

[ 1417.649956] audit: type=1804 audit(1586318278.205:192): pid=20091 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/154/file0/bus" dev="sda1" ino=16033 res=1
03:57:58 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16"], 0x94)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1417.743566] audit: type=1804 audit(1586318278.205:193): pid=20080 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/154/file0/bus" dev="sda1" ino=16033 res=1
03:57:58 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16"], 0x94)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1418.141144] audit: type=1804 audit(1586318278.695:194): pid=20090 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/350/bus" dev="sda1" ino=16103 res=1
[ 1418.237808] hfs: unable to parse mount options
[ 1418.300724] audit: type=1804 audit(1586318278.855:195): pid=20131 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir290912971/syzkaller.dVHn3k/350/bus" dev="sda1" ino=16103 res=1
[ 1418.522818] Bluetooth: Unknown HCI packet type 5e
[ 1418.522917] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1418.529554] Bluetooth: Unknown HCI packet type 43
[ 1418.538788] Bluetooth: Unknown HCI packet type 5e
[ 1418.548662] Bluetooth: Unknown HCI packet type 50
[ 1418.553949] Bluetooth: Unknown HCI packet type 5e
[ 1418.558973] Bluetooth: Unknown HCI packet type 40
[ 1419.448859] Bluetooth: hci1 command 0x1003 tx timeout
[ 1419.454249] Bluetooth: hci1 sending frame failed (-49)
[ 1419.688893] Bluetooth: hci0 command 0x1001 tx timeout
[ 1419.694344] Bluetooth: hci0 sending frame failed (-49)
[ 1420.568855] Bluetooth: hci2 command 0x1003 tx timeout
[ 1420.574205] Bluetooth: hci2 sending frame failed (-49)
[ 1421.538771] Bluetooth: hci1 command 0x1001 tx timeout
[ 1421.544124] Bluetooth: hci1 sending frame failed (-49)
[ 1421.768823] Bluetooth: hci0 command 0x1009 tx timeout
[ 1422.648705] Bluetooth: hci2 command 0x1001 tx timeout
[ 1422.654102] Bluetooth: hci2 sending frame failed (-49)
[ 1423.611292] Bluetooth: hci1 command 0x1009 tx timeout
[ 1424.728564] Bluetooth: hci2 command 0x1009 tx timeout
03:58:06 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)

03:58:06 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16"], 0x94)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:06 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
write$binfmt_elf32(r1, &(0x7f0000000240)={{0x7f, 0x45, 0x4c, 0x46, 0x8, 0xa, 0xf5, 0x8, 0x7, 0x3, 0x3e, 0x4d, 0x221, 0x38, 0x3a1, 0x2d8, 0x2, 0x20, 0x2, 0x101, 0x8, 0x5}, [{0x6, 0x400, 0xe019, 0x1fe0000, 0x3, 0x5, 0xfffffff9, 0x7}], "4f69ce38ef6c80857e7db8e4ff3fa4b5c78ff59a1dc725b2e5aee63bf2db7d978923efe94893f1b4f3707861ba3d0e450dfc95b594a3a3f99af1fa1d3c95ebdd04ebafc37e40642f1be51a69d8ef8e021f3dd283a7f610083088a4c0425b0a0ba33e16c210b34045914d69cf74dc45d7b05646aab7f036fea7cfdfb9e2e487fb831a0d4d24d27862de50d521f9", [[]]}, 0x1e5)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

03:58:06 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r2, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r2, 0xc0bc5351, &(0x7f0000000380)={0x50000, 0x3, 'client0\x00', 0xffffffff80000000, "fc42f2b04356300a", "e5b56fac0aca91abcec50c9c4255c701897e77a58ebffc2a491682d479f91c3a", 0x40, 0x6})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0)='nl80211\x00')
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r4, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}, @NL80211_ATTR_SOCKET_OWNER={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r4, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_MAC={0xa, 0x6, @remote}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000005}, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, 0x8, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x8)
statx(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1000, 0xfff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setuid(r5)
dup(0xffffffffffffffff)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
fsetxattr(r3, &(0x7f0000000580)=@known='com.apple.FinderInfo\x00', &(0x7f00000005c0)='}:mime_typekeyringselfproc{{\'vboxnet0em0userem0selfself\x00', 0x38, 0x1)

03:58:06 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800000000"], 0x9c)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1425.669998] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2568 sclass=netlink_route_socket pig=20157 comm=syz-executor.4
[ 1425.735315] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1425.744307] Bluetooth: Unknown HCI packet type 5e
[ 1425.749619] Bluetooth: Unknown HCI packet type 43
[ 1425.759615] Bluetooth: Unknown HCI packet type 5e
[ 1425.764521] Bluetooth: Unknown HCI packet type 50
[ 1425.778612] hfs: gid requires an argument
[ 1425.782825] hfs: unable to parse mount options
[ 1425.792180] Bluetooth: Unknown HCI packet type 5e
[ 1425.797158] Bluetooth: Unknown HCI packet type 43
[ 1425.804374] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1544 sclass=netlink_route_socket pig=20164 comm=syz-executor.5
[ 1425.822166] Bluetooth: Unknown HCI packet type 5e
[ 1425.829042] Bluetooth: Unknown HCI packet type 5e
[ 1425.844157] Bluetooth: Unknown HCI packet type 40
[ 1425.846089] Bluetooth: Unknown HCI packet type 50
[ 1425.850422] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1425.866807] Bluetooth: Unknown HCI packet type 5e
[ 1425.880345] Bluetooth: Unknown HCI packet type 40
03:58:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

[ 1427.568854] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1427.768288] Bluetooth: hci0 command 0x1003 tx timeout
[ 1427.773681] Bluetooth: hci0 sending frame failed (-49)
[ 1427.848217] Bluetooth: hci3 command 0x1003 tx timeout
[ 1427.853635] Bluetooth: hci3 sending frame failed (-49)
03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800000000"], 0x9c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:09 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x7, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYPTR64])
r1 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r1)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r3 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r3, 0x1000)
lseek(r3, 0x0, 0x2)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x8400fffffffa)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000140)={0x7, 0x0, [{}, {}, {}, {}, {}, {}, {}]})
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:58:09 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000100)={0x6, 0x983, &(0x7f0000000240)="5da110f349e92d67284f1944f44aa73f8e0da3e0070ba4ea395f6b5da28c5324fa6cb02736bbdb1e366ee8ac2547ba447b0a6e2366ccccf8e7a850c161ab8b78d7b30b91d47c644c0056cd95eb074cba7ee05821abc2cbaf645182ca572635f7b3efe247aa72cd48f405a9f94b17d3fafbe3795dd0b64241e5462f7a35f4a5cb86e6d0cc5ec2b0000d9d4aac39384901c56ad9ed1de4d8ba56f313f6be4a56a43ec2c221e531382761ab4f984bb371e15c579b04784a276a6bc97df639dbbd1bcabb6e03292dcd4bfdbacc9dc3cee5f3b7183078056fec29af1aef026ffa6caa7427f730", &(0x7f0000000340)="518ccd044aa87512c128985eff3289c3489d8a2de6860001dc3d50f15fb7c27e69cf02a316226e38450cbd2875f1ce243ba51ed82743f7a5dbc0c6e99fd43fb09c85d068542662b75f710bb6a70bfe5854ff9929696349bca826104d7d93b56f89059a9c2616e580daffa817db406d2e3b8212c4a88bac6c19b4aeba39c9ef380d8223534581dff916", 0xe4, 0x89})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1428.853324] Bluetooth: Unknown HCI packet type 5e
[ 1428.858954] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1428.861425] Bluetooth: Unknown HCI packet type 43
[ 1428.874224] Bluetooth: Unknown HCI packet type 5e
[ 1428.881273] Bluetooth: Unknown HCI packet type 50
[ 1428.886329] Bluetooth: Unknown HCI packet type 5e
[ 1428.893311] Bluetooth: Unknown HCI packet type 40
03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800000000"], 0x9c)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec367780000000000000000"], 0xa0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec367780000000000000000"], 0xa0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec367780000000000000000"], 0xa0)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/120], 0xa2)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1429.608094] Bluetooth: hci1 command 0x1003 tx timeout
[ 1429.613412] Bluetooth: hci1 sending frame failed (-49)
[ 1429.848106] Bluetooth: hci0 command 0x1001 tx timeout
[ 1429.853428] Bluetooth: hci0 sending frame failed (-49)
[ 1429.928231] Bluetooth: hci3 command 0x1001 tx timeout
[ 1429.933568] Bluetooth: hci3 sending frame failed (-49)
[ 1430.888123] Bluetooth: hci2 command 0x1003 tx timeout
[ 1430.893456] Bluetooth: hci2 sending frame failed (-49)
[ 1431.688044] Bluetooth: hci1 command 0x1001 tx timeout
[ 1431.693350] Bluetooth: hci1 sending frame failed (-49)
[ 1431.928012] Bluetooth: hci0 command 0x1009 tx timeout
[ 1432.008106] Bluetooth: hci3 command 0x1009 tx timeout
[ 1432.968122] Bluetooth: hci2 command 0x1001 tx timeout
[ 1432.974446] Bluetooth: hci2 sending frame failed (-49)
[ 1433.767882] Bluetooth: hci1 command 0x1009 tx timeout
[ 1435.057728] Bluetooth: hci2 command 0x1009 tx timeout
03:58:16 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/120], 0xa2)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:16 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='7\x00@\x00\x00\x00'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:58:16 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
munlockall()
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1435.953809] Bluetooth: Unknown HCI packet type 5e
[ 1435.954188] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1435.964541] Bluetooth: Unknown HCI packet type 43
[ 1435.969289] tmpfs: No value for mount option '7'
[ 1435.976465] Bluetooth: Unknown HCI packet type 5e
[ 1435.990810] Bluetooth: Unknown HCI packet type 50
[ 1436.004610] Bluetooth: Unknown HCI packet type 5e
[ 1436.009727] Bluetooth: Unknown HCI packet type 40
[ 1436.084559] tmpfs: No value for mount option '7'
03:58:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:58:18 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
socket$bt_rfcomm(0x1f, 0x3, 0x3)
r3 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r3, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r4=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x6c, &(0x7f000059aff8)={r4}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r4, 0x63}, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000280)={0x0, 0xfff, 0xffffffff, 0x8, 0xd95, 0x9, 0x20, 0x0, {r4, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1067ca84, 0x5, 0x4000000, 0x9, 0xffffff31}}, &(0x7f0000000340)=0xb0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)={[{@part={'part', 0x3d, 0x7fff}}]})

03:58:18 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/120], 0xa2)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1437.800915] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1437.807957] Bluetooth: Unknown HCI packet type 5e
[ 1437.813053] Bluetooth: Unknown HCI packet type 43
[ 1437.821614] Bluetooth: Unknown HCI packet type 5e
[ 1437.838852] hfs: can't find a HFS filesystem on dev loop4
[ 1437.848665] Bluetooth: Unknown HCI packet type 50
[ 1437.858545] Bluetooth: Unknown HCI packet type 5e
[ 1437.863551] Bluetooth: Unknown HCI packet type 5e
[ 1437.863799] Bluetooth: Unknown HCI packet type 43
[ 1437.874294] Bluetooth: Unknown HCI packet type 40
[ 1437.882436] Bluetooth: Unknown HCI packet type 5e
[ 1437.887720] Bluetooth: Unknown HCI packet type 50
[ 1437.897279] Bluetooth: Unknown HCI packet type 5e
[ 1437.922230] Bluetooth: Unknown HCI packet type 40
[ 1438.007559] Bluetooth: hci0 command 0x1003 tx timeout
[ 1438.013019] Bluetooth: hci0 sending frame failed (-49)
03:58:19 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="73697a653d37d0b88889039f7a0b6227412f86ebff398a025ad906381930e6f383"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r4, 0x1000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000240)={0x0, r0, 0x400, 0x6, 0xdc40, 0x8})
lseek(r4, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8400fffffffa)
ioctl$IOC_PR_PREEMPT_ABORT(r5, 0x401870cc, &(0x7f0000000140)={0x200, 0x2, 0x1, 0x3d3a6515})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f00000000c0)=0xe5, 0x4)

03:58:19 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x2)
r1 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x8400fffffffa)
ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, &(0x7f0000000380))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x18)
r2 = socket(0x10, 0x803, 0x0)
r3 = open(&(0x7f0000000340)='./file0\x00', 0x141000, 0x10)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x4000)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
accept(r4, &(0x7f0000000240)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x80)

03:58:19 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1439.095918] tmpfs: Bad value '7иˆ‰Ÿzb'A/†ëÿ9ŠZÙ80æóƒ' for mount option 'size'
[ 1439.118077] Bluetooth: Unknown HCI packet type 5e
[ 1439.123050] Bluetooth: Unknown HCI packet type 43
[ 1439.133034] Bluetooth: Unknown HCI packet type 18
[ 1439.138424] Bluetooth: Unknown HCI packet type 5e
03:58:19 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1439.145679] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1439.168772] Bluetooth: Unknown HCI packet type 50
[ 1439.173670] Bluetooth: Unknown HCI packet type 5e
[ 1439.207849] Bluetooth: Unknown HCI packet type 40
[ 1439.231645] audit: type=1804 audit(1586318299.786:196): pid=20303 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/159/file0/bus" dev="sda1" ino=16218 res=1
03:58:19 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:19 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x91)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:20 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x91)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:20 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x91)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1439.847358] Bluetooth: hci1 command 0x1003 tx timeout
[ 1439.852696] Bluetooth: hci1 sending frame failed (-49)
[ 1439.927626] Bluetooth: hci3 command 0x1003 tx timeout
[ 1439.932974] Bluetooth: hci3 sending frame failed (-49)
[ 1440.087346] Bluetooth: hci0 command 0x1001 tx timeout
[ 1440.102703] Bluetooth: hci0 sending frame failed (-49)
[ 1440.151644] tmpfs: Bad value '7иˆ‰Ÿzb'A/†ëÿ9ŠZÙ80æóƒ' for mount option 'size'
[ 1440.181805] audit: type=1804 audit(1586318300.736:197): pid=20351 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/159/file0/file0/bus" dev="sda1" ino=16211 res=1
[ 1441.127308] Bluetooth: hci2 command 0x1003 tx timeout
[ 1441.133708] Bluetooth: hci2 sending frame failed (-49)
[ 1441.937274] Bluetooth: hci1 command 0x1001 tx timeout
[ 1441.942664] Bluetooth: hci1 sending frame failed (-49)
[ 1442.007224] Bluetooth: hci3 command 0x1001 tx timeout
[ 1442.012577] Bluetooth: hci3 sending frame failed (-49)
[ 1442.177177] Bluetooth: hci0 command 0x1009 tx timeout
[ 1443.207173] Bluetooth: hci2 command 0x1001 tx timeout
[ 1443.212580] Bluetooth: hci2 sending frame failed (-49)
[ 1444.007078] Bluetooth: hci1 command 0x1009 tx timeout
[ 1444.087133] Bluetooth: hci3 command 0x1009 tx timeout
[ 1445.287060] Bluetooth: hci2 command 0x1009 tx timeout
03:58:26 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x264000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:58:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:58:28 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x40005)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r3 = socket(0x10, 0x6, 0x400)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f0000000540))
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r4 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRESHEX=r5, @ANYBLOB=',\x00'])
r6 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0xfffffffffffffffa, 0x109000)
ioctl$KDADDIO(r6, 0x4b34, 0xdee)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000280)={0x6e, 0x1, 0x4, 0xe000, 0x8, {0x77359400}, {0x4, 0x0, 0x9, 0x1f, 0x7f, 0x40, "8fa7edd1"}, 0x7, 0x2, @fd, 0x9, 0x0, <r7=>0xffffffffffffffff})
ioctl$KVM_GET_IRQCHIP(r7, 0xc208ae62, &(0x7f0000000300)={0x0, 0x0, @ioapic})

03:58:28 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:28 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
ftruncate(0xffffffffffffffff, 0x208200)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r1, r1, 0x0, 0x8080fffffffe)

[ 1448.077689] Bluetooth: Unknown HCI packet type 5e
[ 1448.082736] Bluetooth: Unknown HCI packet type 43
[ 1448.117388] Bluetooth: Unknown HCI packet type 5e
[ 1448.142950] Bluetooth: Unknown HCI packet type 50
[ 1448.170297] Bluetooth: Unknown HCI packet type 5e
[ 1448.189468] Bluetooth: Unknown HCI packet type 40
[ 1448.199810] hfs: can't find a HFS filesystem on dev loop4
03:58:29 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:29 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ftruncate(0xffffffffffffffff, 0x1000)
lseek(0xffffffffffffffff, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8400fffffffa)
write$P9_RCLUNK(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x79, 0x1}, 0x7)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r4, 0x1000)
lseek(r4, 0x0, 0x2)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x8400fffffffa)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x15)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x20000, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:58:29 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='kHwN', @ANYRESHEX=r3, @ANYBLOB="815f"])
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
accept$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000280)=0x1c)

03:58:29 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="73697a653d374cf4f78073135611d25845c68427c985849c2a2a9472ca3397997497b333d217dfd7ec9e7013106dfa7dd83d15205bbb810900c9bdc5ab0bb2d76a0700000000000000005a89d74d2d9633"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00')
sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x2c, r3, 0x5, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x9}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xd99}]}, 0x2c}, 0x1, 0x6c}, 0x0)
sendmsg$SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x3c, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x430f}, @SEG6_ATTR_SECRET={0x14, 0x4, [0x631, 0x7fffffff, 0x7, 0x20]}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044804}, 0x40000)
ftruncate(r1, 0x208200)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r4, r4, 0x0, 0x8080fffffffe)

[ 1449.363690] Bluetooth: Unknown HCI packet type 5e
[ 1449.369080] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1449.378353] Bluetooth: Unknown HCI packet type 43
[ 1449.388369] audit: type=1804 audit(1586318309.947:198): pid=20412 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
03:58:29 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xa1)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:30 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r3, 0x0, 0x8400fffffffa)
r4 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r4, 0x1000)
lseek(r4, 0x0, 0x2)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r0, 0x0, 0xfff)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f0000000380)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=0xfffffffeffffffff, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x6, 0x1}, 0x0, 0x0, &(0x7f0000000500)={0x3, 0xa, 0xac63, 0x77d}, &(0x7f0000000300)=0xce62, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=0x8}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={0x0, r3, 0x0, 0xa, &(0x7f0000000140)='/dev/ptmx\x00', r5}, 0x30)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0x14)
setsockopt$inet6_tcp_int(r2, 0x6, 0x7, &(0x7f00000000c0)=0x9, 0x4)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xc)

[ 1449.401378] tmpfs: Bad value '7Lô÷€sVÒXEÆ„'É…„œ**”rÊ3—™t—³3Òß×ìžpmú}Ø= [»�	' for mount option 'size'
[ 1449.446268] hfs: unable to parse mount options
[ 1449.450062] Bluetooth: Unknown HCI packet type 5e
[ 1449.490687] Bluetooth: Unknown HCI packet type 50
[ 1449.499706] Bluetooth: Unknown HCI packet type 5e
03:58:30 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x8f)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1449.529889] audit: type=1804 audit(1586318310.027:199): pid=20427 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1449.554378] Bluetooth: Unknown HCI packet type 40
[ 1449.587062] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1449.607675] Bluetooth: Unknown HCI packet type 5e
[ 1449.614826] Bluetooth: Unknown HCI packet type 43
[ 1449.625583] tmpfs: Bad value '7Lô÷€sVÒXEÆ„'É…„œ**”rÊ3—™t—³3Òß×ìžpmú}Ø= [»�	' for mount option 'size'
[ 1449.642275] Bluetooth: Unknown HCI packet type 5e
[ 1449.648184] Bluetooth: Unknown HCI packet type 50
[ 1449.653359] Bluetooth: Unknown HCI packet type 5e
[ 1449.658603] Bluetooth: Unknown HCI packet type 40
03:58:30 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESHEX])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1449.688226] audit: type=1804 audit(1586318310.037:200): pid=20427 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1449.764902] audit: type=1804 audit(1586318310.067:201): pid=20412 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1449.775457] tmpfs: No value for mount option '0xffffffffffffffff'
[ 1449.830858] audit: type=1804 audit(1586318310.167:202): pid=20432 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/234/bus" dev="sda1" ino=16142 res=1
[ 1449.965686] tmpfs: No value for mount option '0xffffffffffffffff'
[ 1450.086908] Bluetooth: hci0 command 0x1003 tx timeout
[ 1450.092332] Bluetooth: hci0 sending frame failed (-49)
[ 1450.269800] audit: type=1804 audit(1586318310.827:203): pid=20427 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1450.351940] audit: type=1804 audit(1586318310.907:204): pid=20462 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1450.377587] audit: type=1804 audit(1586318310.907:205): pid=20463 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1450.403710] audit: type=1804 audit(1586318310.907:206): pid=20463 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1450.429766] audit: type=1804 audit(1586318310.907:207): pid=20427 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/160/bus" dev="sda1" ino=16136 res=1
[ 1451.366559] Bluetooth: hci1 command 0x1003 tx timeout
[ 1451.371906] Bluetooth: hci1 sending frame failed (-49)
[ 1451.606499] Bluetooth: hci2 command 0x1003 tx timeout
[ 1451.612042] Bluetooth: hci2 sending frame failed (-49)
[ 1452.166516] Bluetooth: hci0 command 0x1001 tx timeout
[ 1452.171851] Bluetooth: hci0 sending frame failed (-49)
[ 1453.446422] Bluetooth: hci1 command 0x1001 tx timeout
[ 1453.452693] Bluetooth: hci1 sending frame failed (-49)
[ 1453.686410] Bluetooth: hci2 command 0x1001 tx timeout
[ 1453.691864] Bluetooth: hci2 sending frame failed (-49)
[ 1454.246386] Bluetooth: hci0 command 0x1009 tx timeout
[ 1455.526279] Bluetooth: hci1 command 0x1009 tx timeout
[ 1455.766280] Bluetooth: hci2 command 0x1009 tx timeout
03:58:38 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x3)

03:58:38 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x8f)
fallocate(r0, 0x8, 0x0, 0x8000)

03:58:38 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x597, 0x0, 0x0, 0x2040, &(0x7f0000000440)=ANY=[@ANYBLOB="73697a253d37c2ff7c884d8c02ef011c88dba49e49a82b3ea2ff072a98227f7a74cd47e4578daca612de4373c31b722dd0c43e87ffd881aa3c69b1be255b70fd9dc9a025aa1083d09262f3827a5eebc9c90edac3787b127a5a70c0cc1481093e03ad0fac06cd29087084b7358522a020826c12e9905b2c323d7c70276bc58edb4f7cdad344d4bae47521db3361b92a2f255f2413d524a283799d1e5e49fcdd6128199e86c6aada1e49988c220b176440928bc10c9fa0dd20d4405287c2299da2a764198c0962adbb6213fae7f7c4763cd0ceb35a06ab92cb38fa8cb6292671967400855246a1ce6b194e3ca4b17a660e40bf5c6cf323924075cc27c2e0db9b907d16eda9b82c52730e5e2cc988a09081d23dbdab7c7fb720400604617c02ea1fbd0374b3041807e5a0398f1e41c90d152872d855ef0296453385e4aea3e1bc09b8"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x17e, 0x64)
r3 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r2, 0xc08c5334, &(0x7f0000000340)={0x100, 0xf2, 0x1, 'queue1\x00', 0x80000001})
setsockopt$CAN_RAW_RECV_OWN_MSGS(r3, 0x65, 0x4, &(0x7f0000000040), 0x4)
ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f0000000140)={0x1, 0xa, 0x4, 0x2, 0xffffffff, {}, {0x3, 0x0, 0xd6, 0x7f, 0x8, 0x7, "c5489dc4"}, 0x80000001, 0x4, @fd=r3, 0x8, 0x0, <r4=>r0})
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000040)={0x81}, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x44}}, 0x0)
r9 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x200480, 0x0)
sendfile(r5, r9, 0x0, 0x8080fffffffe)

03:58:38 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$KDADDIO(r1, 0x400455c8, 0x6)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:58:38 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0x8f)
fallocate(r0, 0x8, 0x0, 0x8000)

[ 1458.335894] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1458.369355] Bluetooth: Unknown HCI packet type 5e
[ 1458.374338] Bluetooth: Unknown HCI packet type 43
[ 1458.399217] Bluetooth: Unknown HCI packet type 5e
[ 1458.410914] Bluetooth: Unknown HCI packet type 50
[ 1458.423019] Bluetooth: Unknown HCI packet type 5e
[ 1458.432555] Bluetooth: Unknown HCI packet type 40
03:58:39 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

[ 1458.458284] print_req_error: I/O error, dev loop2, sector 0
[ 1458.464952] audit: type=1804 audit(1586318319.018:208): pid=20487 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/163/file0/file0" dev="sda1" ino=16139 res=1
[ 1458.479984] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
03:58:40 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
ioctl$PPPIOCSNPMODE(r2, 0x4008744b, &(0x7f0000000280)={0x80fd})
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

03:58:40 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

03:58:40 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000380)='batadv\x00')
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$BATADV_CMD_GET_GATEWAYS(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x1c, r4, 0x711, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}]}, 0x1c}}, 0x0)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x44, r4, 0x100, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x80000000}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x4}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}]}, 0x44}}, 0x20000000)

[ 1459.597478] Bluetooth: Unknown HCI packet type 5e
[ 1459.602539] Bluetooth: Unknown HCI packet type 43
[ 1459.608071] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1459.624032] Bluetooth: Unknown HCI packet type 5e
[ 1459.640744] Bluetooth: Unknown HCI packet type 50
[ 1459.646548] hfs: gid requires an argument
[ 1459.655408] hfs: unable to parse mount options
[ 1459.661513] Bluetooth: Unknown HCI packet type 5e
[ 1459.672180] Bluetooth: Unknown HCI packet type 40
[ 1459.728075] audit: type=1804 audit(1586318320.288:209): pid=20519 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/164/bus" dev="sda1" ino=15813 res=1
[ 1459.786484] audit: type=1804 audit(1586318320.318:210): pid=20519 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/164/bus" dev="sda1" ino=15813 res=1
03:58:40 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:58:40 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000000c0)={0x1, "46f9974a1cd0cde6626b563f18058f83dd85024be799eda9d6a1c577362f97b40cac7da5e329fecb52344ed2629b6e289d0766b05bf2295d3c7d8ff62672c02ac33da4d1e35e7aa874e3053d7ad7f219fb9f811271c02227bdbf984facc4018ce984915776c90f9674f479ed3ac34b337bca72bef8697c151c47f15749f43d5f9325c428a45a5dc91668c1e0b34df2b710c50f174a90fcaf2eb5957cafccbda9dfc4ed75f6db92665c6d01bbe082f8e9f4bf0b911f4bcfaaadb703df46d5d3e4d0480391af3af32c62aef5547c96d1758a9f422c397f6928318df1896fb604b6f0cebcb054cd8381470b06bd857febf190db22451e1c51321ce1e9cf9f623dca2574ad2e6081d43f9f97fc27c9f59b07a656c058fd132cb6bc21c7e038d04974429a1588fb1402c239900635b8d96accb7393c3728f3ef7f540c1b20c775731027d78ef0777394718b2cf8fa10a0f29ce9b1d006892cca97e0324ae6ac9276053883c328e3d50a4c4280c7edf40dcc2354252eb2886240a6a406f17583edbe6bafb62c242f148fc1b442787d913f56cd2d334ab0d87252ff57100830e64111715cf5470fae24d262c19ae7168eb10695234f5bd6a0aae87012f3a5bff080b1a37807eba8343882f4e2d2d482a08dcbeb3ced968e468216cc29ea1fbaf4a3a3cd274ee37939fd612b2749978509ff6583a1dd66faf9ea21621f75607f3442328a"})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:58:40 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x8, 0x0, 0x8000)

[ 1460.204270] Bluetooth: Unknown HCI packet type 5e
[ 1460.210463] Bluetooth: Unknown HCI packet type 43
[ 1460.219689] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1460.241582] Bluetooth: Unknown HCI packet type 5e
[ 1460.251326] Bluetooth: Unknown HCI packet type 50
[ 1460.257298] Bluetooth: Unknown HCI packet type 5e
[ 1460.262224] Bluetooth: Unknown HCI packet type 40
[ 1460.269987] Bluetooth: Unknown HCI packet type 5e
[ 1460.275654] Bluetooth: Unknown HCI packet type 43
[ 1460.282811] Bluetooth: Unknown HCI packet type 5e
[ 1460.288595] Bluetooth: Unknown HCI packet type 50
[ 1460.301093] Bluetooth: Unknown HCI packet type 5e
[ 1460.307208] Bluetooth: Unknown HCI packet type 40
[ 1460.405876] Bluetooth: hci0 command 0x1003 tx timeout
[ 1460.411260] Bluetooth: hci0 sending frame failed (-49)
[ 1461.615845] Bluetooth: hci1 command 0x1003 tx timeout
[ 1461.621199] Bluetooth: hci1 sending frame failed (-49)
[ 1462.245779] Bluetooth: hci2 command 0x1003 tx timeout
[ 1462.251130] Bluetooth: hci2 sending frame failed (-49)
[ 1462.325721] Bluetooth: hci3 command 0x1003 tx timeout
[ 1462.331059] Bluetooth: hci3 sending frame failed (-49)
[ 1462.485748] Bluetooth: hci0 command 0x1001 tx timeout
[ 1462.491193] Bluetooth: hci0 sending frame failed (-49)
[ 1463.685742] Bluetooth: hci1 command 0x1001 tx timeout
[ 1463.691108] Bluetooth: hci1 sending frame failed (-49)
[ 1464.325666] Bluetooth: hci2 command 0x1001 tx timeout
[ 1464.331027] Bluetooth: hci2 sending frame failed (-49)
[ 1464.405643] Bluetooth: hci3 command 0x1001 tx timeout
[ 1464.411028] Bluetooth: hci3 sending frame failed (-49)
[ 1464.565617] Bluetooth: hci0 command 0x1009 tx timeout
[ 1465.765572] Bluetooth: hci1 command 0x1009 tx timeout
[ 1466.405500] Bluetooth: hci2 command 0x1009 tx timeout
[ 1466.485525] Bluetooth: hci3 command 0x1009 tx timeout
03:58:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, 0x0)

03:58:49 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="010000023d37"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000180)={0x8, 0x1, 0x4})
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000440)={0x3a4, 0x13, 0x800, 0x70bd25, 0x25dfdbfb, {0xa, 0x7, 0xc, 0x18, {0x4e22, 0x4e22, [0x2, 0x100, 0x458, 0x1], [0x6, 0x2, 0x11c9, 0x7fff], 0x0, [0x3000, 0x80]}, 0x80, 0xfffffffd}, [@INET_DIAG_REQ_BYTECODE={0x53, 0x1, "a75adc8f970515b8da2de46ecc40c1801bb26afe6004e00cecd106315cdaaa1e7b279d12ac253e95f7c313cdc6ba2681289ea52df546f575c60883df1369c81f03454145ff906aa41c78100180e0e8"}, @INET_DIAG_REQ_BYTECODE={0xc7, 0x1, "e06ce0a3f3ec7acb30c6b3d6befb708d79139cfe41192eedcb519416ed98e72cb286ea55c1a1c4d5b1ceb7d366fe13ed3d52abca71e7962fa1eb56c9b307c745efd48db7b59cde65bea475ff69dd3c4ff161b00cf04106821601f8611e63b0bc6f12e22b2deca1c56326bdf746bb7c4d2510851731e830a26c53af8d2585832c8cb77bdef5577a0a9ef8def221fd1b367e860460e462f2023ca45e8e2a89e7dba05a30fd647dea0b449fb8d15388eb9f765023d37da16eb705ab1b42550d84912732d0"}, @INET_DIAG_REQ_BYTECODE={0xb3, 0x1, "707f471e08806b68d552a4cd777638180f6d456ee42bfad62bd0fc91dad8906167a9f46d52ee489385934909c5f6ec217585f5178fac3a0cfcf25086a6324b09d552f3bf58706ab6816ca1f669955ac9f83b560397d21a28a4dbbcf3c134b39541600906374a9ae9c8bfdf7133323e57cc1b92c03a05670c7d7b060bbaea2972d0bdc367e5bf65983be5f3c40dc8ad799e70b51b68c9420c6d063bc7ca6d469bb6385b8a31b220c7ffcb34dcc75b99"}, @INET_DIAG_REQ_BYTECODE={0x34, 0x1, "df599724c3e7e342c0d6e01d0dbc2566f7ee6437d9554fda62c10d8c81dffe338e17f3d3acfcfd3ca2e418fadc11b88e"}, @INET_DIAG_REQ_BYTECODE={0x3e, 0x1, "864e4d4b79b978eeba0983378881c4450718df8cafc079be867cd5195810777272b639bba726cc90dbea72bbb5a362a7f28d3d21420651b77661"}, @INET_DIAG_REQ_BYTECODE={0xf5, 0x1, "473913e3be44680ad9172fed77a5380cafbb3e3726711cdfd1a727b250c5d72034f573730d89f1055dbeb9754ac36d3ea828c57005e77363f41544f759be9b9fd0c188eeda1769ffaf332d91905f8fc76350479c0777cf60d3053996d2b19af3160d3bcb12d56ae8d1f1a8a0d278dfd8e03fd8f8732c742fb08cf54256a96c4754f6b7389730cd25f3715d65a7b2558dd6a09d0d6737f71caf7f1e1cac43ee34ce797161c236e7c1c3edace7c3f2ef8ff22e3f2165828cebbd3b838079a3df9d3e04bfb9e6115bfb75684a5b1e2089c6262814b17237b0bfa93757a8480e99f62d38bb4cdf5e4d9f4309a962d0d3ef6cca"}, @INET_DIAG_REQ_BYTECODE={0x1c, 0x1, "ee8ef620f141b904460ae49079c5a1947b405d3d51cd625c"}]}, 0x3a4}, 0x1, 0x0, 0x0, 0x4001}, 0x8000)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:58:49 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1468.519327] tmpfs: No value for mount option '
'
03:58:49 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1468.567592] Bluetooth: Unknown HCI packet type 5e
[ 1468.574782] Bluetooth: Unknown HCI packet type 43
[ 1468.605728] Bluetooth: Unknown HCI packet type 5e
[ 1468.630136] Bluetooth: Unknown HCI packet type 50
03:58:49 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1468.650681] Bluetooth: Unknown HCI packet type 5e
[ 1468.666853] Bluetooth: Unknown HCI packet type 40
[ 1468.696264] tmpfs: No value for mount option '
'
03:58:49 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x0)

03:58:50 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup2(r4, r4)
ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200)
getrusage(0x1, &(0x7f0000000180))
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r3, @ANYBLOB="898e03f752df37d2db6a39a54d66"])

03:58:50 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="73697a653d37840cd6519d7cff0724a8998d5a3c68128c6de7ef7f404692c401219a495944a064c82a41415b5f213f1ad5417599a2f1af8378c682a71ee632655f0989a94d79f839d35d3d0c472d6692c6c009def5d901000000b5e72a9a2749f9eeb9a3e43280fa4ea683534422a8e5b49cbbdc07bfd638a853867e90ed7fdfa767ab4b5a701e6ce52c2889125be955658e82c1"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:58:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x0)

[ 1469.821183] tmpfs: Bad value '7„ÖQ�|ÿ$¨™�Z<hŒmçï@F’Ä
!šIYD dÈ*AA[_!?ÕAu™¢ñ¯ƒxÆ‚§æ2e_	‰©Myø9Ó]=G-f’ÆÀ	ÞõÙ
' for mount option 'size'
[ 1469.840913] Bluetooth: Unknown HCI packet type 5e
[ 1469.846394] Bluetooth: Unknown HCI packet type 43
[ 1469.852473] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1469.865350] Bluetooth: Unknown HCI packet type 5e
[ 1469.870262] Bluetooth: Unknown HCI packet type 50
[ 1469.901750] Bluetooth: Unknown HCI packet type 5e
[ 1469.907025] Bluetooth: Unknown HCI packet type 40
[ 1469.917083] hfs: unable to parse mount options
[ 1469.942837] tmpfs: Bad value '7„ÖQ�|ÿ$¨™�Z<hŒmçï@F’Ä
!šIYD dÈ*AA[_!?ÕAu™¢ñ¯ƒxÆ‚§æ2e_	‰©Myø9Ó]=G-f’ÆÀ	ÞõÙ
' for mount option 'size'
03:58:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="80ff35", @ANYRESHEX=r2, @ANYBLOB="2c726f1f746d6f64653d303030303030303030301c3034303030302c757365725f69643c", @ANYRESDEC=0x0, @ANYBLOB="2c67726f75707f69643d", @ANYRESDEC=0x0])
preadv(r2, &(0x7f0000000740)=[{&(0x7f0000000480)=""/164, 0xa4}], 0x1, 0x0)
mknod$loop(&(0x7f00000001c0)='./file0/file1\x00', 0x0, 0xffffffffffffffff)
read$FUSE(r2, &(0x7f0000000780), 0x1000)
write$FUSE_INIT(r2, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1e}}, 0x50)
read$FUSE(r2, &(0x7f0000001780), 0x1000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8}]}, 0x44}}, 0x0)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000540)={@mcast1, @remote, @rand_addr="e0147030dfc0f3e970e1c370aaedfbd6", 0x7ff, 0x6, 0x40, 0x0, 0x200})
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
write$FUSE_ENTRY(r2, &(0x7f0000000380)={0x90, 0x0, 0x3}, 0x90)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0xe80, 0x0)

03:58:51 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x8, 0x0, 0x0)

03:58:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x408000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1470.448339] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1470.461776] Bluetooth: Unknown HCI packet type 5e
[ 1470.467452] Bluetooth: Unknown HCI packet type 43
[ 1470.483063] Bluetooth: Unknown HCI packet type 5e
[ 1470.490800] Bluetooth: Unknown HCI packet type 50
[ 1470.507430] Bluetooth: Unknown HCI packet type 5e
[ 1470.513461] Bluetooth: Unknown HCI packet type 40
[ 1470.645182] Bluetooth: hci0 command 0x1003 tx timeout
[ 1470.650758] Bluetooth: hci0 sending frame failed (-49)
[ 1471.855087] Bluetooth: hci1 command 0x1003 tx timeout
[ 1471.860436] Bluetooth: hci1 sending frame failed (-49)
[ 1472.485276] Bluetooth: hci2 command 0x1003 tx timeout
[ 1472.490604] Bluetooth: hci2 sending frame failed (-49)
[ 1472.724976] Bluetooth: hci0 command 0x1001 tx timeout
[ 1472.730314] Bluetooth: hci0 sending frame failed (-49)
[ 1473.925013] Bluetooth: hci1 command 0x1001 tx timeout
[ 1473.930331] Bluetooth: hci1 sending frame failed (-49)
[ 1474.564990] Bluetooth: hci2 command 0x1001 tx timeout
[ 1474.570356] Bluetooth: hci2 sending frame failed (-49)
[ 1474.804895] Bluetooth: hci0 command 0x1009 tx timeout
[ 1476.004862] Bluetooth: hci1 command 0x1009 tx timeout
[ 1476.644953] Bluetooth: hci2 command 0x1009 tx timeout
03:58:59 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, 0x0)

03:58:59 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="73697a653d1b767743c06f15a63d37"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
accept$nfc_llcp(r1, &(0x7f0000000140), &(0x7f0000000000)=0x60)
fchdir(r0)
r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r6 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000280)='NLBL_CIPSOv4\x00')
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xd8, r6, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSLVLLST={0x9c, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x5}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x86}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x51659699}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x95}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x2b}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x378eac73}]}, {0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x37d8069b}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x48}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x4}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xac}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x309c8c9}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x796e61f7}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xef}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xad}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x293b0c25}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x20, 0x8, 0x0, 0x1, [{0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x35deb52}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x41}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x26daf8e8}]}]}]}, 0xd8}}, 0x40440c0)
ftruncate(r2, 0x208200)
r7 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r7, r7, 0x0, 0x8080fffffffe)

03:58:59 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:58:59 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x2, 0x18001)
r2 = syz_genetlink_get_family_id$netlbl_calipso(0x0)
sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='^\x00 \x00', @ANYRES16=r2, @ANYBLOB], 0x3}, 0x1, 0x0, 0x0, 0x4020004}, 0x4000)
sendmsg$NLBL_CALIPSO_C_REMOVE(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r2, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000800}, 0xe62fa49bbaafe688)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x16)

03:58:59 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1478.793748] Bluetooth: Unknown HCI packet type 5e
[ 1478.795425] tmpfs: Bad value 'vwCÀo¦=7' for mount option 'size'
[ 1478.799087] Bluetooth: Unknown HCI packet type 43
[ 1478.811138] Bluetooth: Unknown HCI packet type 5e
[ 1478.819769] Bluetooth: Unknown HCI packet type 5e
[ 1478.838101] Bluetooth: Unknown HCI packet type 43
[ 1478.844133] Bluetooth: Unknown HCI packet type 50
[ 1478.851376] Bluetooth: Unknown HCI packet type 5e
[ 1478.860337] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1478.869774] Bluetooth: Unknown HCI packet type 16
[ 1478.876938] Bluetooth: Unknown HCI packet type 5e
[ 1478.881984] Bluetooth: Unknown HCI packet type 50
[ 1478.913760] Bluetooth: Unknown HCI packet type 40
[ 1478.920359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=20676 comm=syz-executor.2
[ 1478.922364] Bluetooth: Unknown HCI packet type 5e
03:58:59 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1478.961511] Bluetooth: Unknown HCI packet type 40
[ 1479.026828] tmpfs: Bad value 'vwCÀo¦=7' for mount option 'size'
[ 1479.083576] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1479.128581] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=20676 comm=syz-executor.2
03:59:00 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x38, 0x140d, 0x200, 0x70bd26, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

03:59:00 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:00 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="73deb9fcaf9e47455989a5dca934f2fc3e89baef4d33705ad06768cb9bd0c3e6e239bfc2a3e0b26e14b2129dd709db0013a1542a0cdf75a28e05f745efda271000000000000000"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$alg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000440)="b8966991416f91c3b5228e76238f2b09bb24904fc540234a1fd09edf682c17aedd401a42bf03e187c93b12bcf4ce18667072496d15a1bba7dbbcbecbc75488d6092714e4319d9314e5368b4ead69e9404698e456632fede812b5337723fd461c81adfaf686b50fa7f92d7cd81e2ec5a7a952d4d81c83a4141d63707861258e911f774a73cf5a916e74ae756b17ff072095bd8c0c4ecc1bb823577184463fd7a991b523cc26b3ffccbaf96444ab4ec18abd3668f84461fcae619cb242c5dd74cfef5f72a05162699070adbe64d64b5d32f05fe39e9ad2a6c836ccb99c737a1799093f3c23c5244321810510e80efb4b92725c9e26403f53f33c1c4ee62ea366f02fd4ee2be3778c4d1d45c2cbe87ebef15eb94f682bc3898cff38eaab2404bd85aa9a66fd83643cbdd2cc7b657c3d03df53bdff2ec192163c654bb61278eac0f5a3655c6a2e70ebe4a85401d69af97b05cce20559047d3ecf4d67c895595a414a6f1a680d2ccc5fde7103115b77a7515123d40f754ce80948a78915c9a7743a656c1288e19af3d4ae87661444d2c7c3ef5c19aa9e941637e648ff273c90e711eec47856ea8ce42356f19e55120a0add6a778d7cd035258f859f748bc45eb7f7cda9e8c37ed0ae248a19723b0a9153c5b5c15179fb452b806c4ebdae754114a47c6ac004cddd325b439793fe9b49b43f8974eadecb12d25b10f4cb92e7d462cae1809046f987bb746491548912cb7e40909102e9ceccf88f47d2f53d4333b6f223fd14fa532711f22aaa89809d0f8017ed8c63ef1d879e8b97b04cc082875f91bb0160faa7728d8f08f65bde101e0c847cadd8e974f06b5e015ef71c085f4570349b367447c89640f3f1dbdeeb248464fd6eff692e4d50177fae10e379888e562e923e17cf782d6fd284b9460a97bfdbabd8b5809e82559bb06b4632db995a9ecd1671fedb3b282a1d1dd44dd5a579275887a9ceba1979cd360b2515791050275e177283038545cc88b31b4daaf3235fa1207dc0df0174c341ed89eb9d2f1fe5e52d0cc44956d799f41bc428c6744934393af6cc529af8eb7e9b091744da205ed03e97b6047e119f1609580f3e3596ec8818e9888b5b8469d60044974fef3f4d30ef03a33a30358900f49059138e91e8e383e0b39525ceda29f66326f3172619202dc986b442cac00d9cc034ce7ed3f10318a0873be6c681cc2444420db385fdb3509b04cceb7db97c4621c304861d37cfedeb9ea00b5123402bdc8602f0e20a0e97d5fdec928a0ee94b2a755fb68b6ea9eb916dd8618f69d51d3bccbff457b57f103420ae0f6d3943046c1cccd5145f6baf1cca03587af87784e569a72fe7c49773efb7fb8778573e391d818d2161a24b3327e7cfeb8e8d7412c9e5f41e2e88cbb4a85e5ad2d6234aa802cebd65f20e42ffd7aa595f8dbee2f44301b8ad8637f9b290e05836be4fdd1cf01c214fb78ad55dbb68ec290d973e8a951d6df62d649570dc68593a7f0f83483c4e28a2b5f40f8168ffe865b0a2d8bda3069a27320d53a387ae90c7801171bcf4fe6fa756af8d0a0b9499869edbb4d82ea7093049b472935f9a0ef65b2a1220ae560d8bf3158fb63969d0c57ac48b718364f6ba784134e3e83ec5b1fe7ccdcaac79968308d0977186f3848b1e21bf350cadfcbe4847700ae538df66f1975f31fc4bebcb79d36257f9a9111a6e6e983b20747b124648fba124649299996de95262d18e2c94e53397dc1e054c9ef7064e1c96091b7790348a4af65ffd5b61122d58d37cb3fad960803446e1b06d868e90dbde671704c025b3fdb3e68289aadbb64218a632d5dfbea3814bfad103f45a02326a2c717716a247e1beee31f6954b5ad73f109155ce841330bb6acefdc1fc0d33da7e47889a221c46b156c0ffa5bd9ce6697be45c6c47496fda4889b2ffad7bd339d9900627ee25c11012ab25b4e50de86ddda01dd1cd5c1ceaf59360312b56b7fd464cd9230493597499064e7ab91ccb97f388a35cc515967d64938b277330f09f90bc9c28fd60f83b354f4b2cbe806ada2ccfb04c601091211fa5e8bdbca47309fe70c92d24fe5bc6958ed3eab5bafe25fa99491536e63fc470e4bcd999c6d965c17036a37d0894c9b1905b884331c47c4d958a217bc5f72357ee66307f4dfa17c8d46979e995a1e3564eeab18bfaada8b47c776f6f427d010c607a002fc020e9488ef76c52ae5a7dd27229412d7883bf8b8e13c249c92fb1a97dbe6aa71440cb5e3e1920822c728b8e41f1486afedbf13f7056ca9afac6a011e37ee199009e9f16021b551fd82ac71007d88f1c9e97f489901bdb85aa8dad392043643e7a2a56630a04b241a9c4762575a2e47a67a5e0a0fb41e9a56d9342da4aa826385c2265be2595f6ff4cc32745e4a5fde4682f6047e76c2a3308f592c1d32aff04ec28730b758423e0bfaaa0177bd0fade6afb8095f28558e35e672b8b0f535f5b391ff4e072da7ef91f2505766f618aa4453f6fe9c940cd1403fb1955cfb11abd4fdfc03b96dcfa2b61fed68a4986c6627c98e5e241a8cbd1e33fb2fdc4bc83ecac6e29bafac4721194a7109aa6ce64539291ae15dc732a032fcc60ca706a30904a0e8cdb021e484c93bf8eae05dfd098ffe7bc7f58177aa1b773533bfcc780d945dd430943317b7d98adad229a8e5998dc1945d1ece1daf8a024249913fb33914f08c46600a7bd2367687cde2fb58ebf16ba3be7b8d988c672652f4423369ef1ae42232728966305eb1fe903d9f065c31ec59d4a1a92dd406f260cb1f7e45279b8a108f04d0f5a4ff418073de787100dec5a051328475280fdaa9f3378acfb51966742cc6f1689eb3dd20131da8a0c7c26d0127c83cf9f93909c89990297d4ba94e5d02c86f23d2e0d3f3168a0fc6f9a282a0b90ebe23d0bbd821e7c7207426bd5869755ac6eccc92ca9d441d1ae723dead269c2040ffb59515817f45780672a2df8531e4c7ff03398f97ef025f8ae6254c75c2165239a0e44b7177d15355e1e9217af90e8d20110429ac9a125ae537b86ed91bf80b3a0bdfb99ba0e9c9bbe1ab8c561d3c9583488531ef697c25529ac150e93537ac3f087521812fa9d9a5da2ffe2187901d95cb538fdf470366ba19dcd9f81947df3315dcc8b30cd81bb896661bddc9f6570b1b56b3737138a8700f010ad2a990c299404dda25227804cc68b3742bd1017db89fc4573cf15d55c2663f676083e0d58bbf77f80ac4cd900c3689e8c8f38127aceec56b7e16d3eff7b3ceaf42cb898b02546239f010493a0005cc29b3681150fc3fcb55d9a994d6de5ad66561b8ada04512b315735e494310aab5cdfb2db9d82081a7e56ce8655e124ac6a9de11c5f1a94f42fb24e4ea23fb6fe411502f2fe604ffb0c1b416003db98dbb777faf038b4a3e44ff4988e5ea99b00eab0a88b84f3c435640b3360dc00ef50ab67db3d47f35c6455b3e86702f3e574baa1ea9672c20f8446e0c718d96e325d8abc6271917b7a13288b39f138b644e77a10a8c4c5f871c90b79adca5cdb53657fa68fc8813f6952da90d04b0ebe194ff8d5132b40ca4cfb6d5a8082dd0f0cdd45722a76eaa0a1fb6274b7f24c744ed4a5199d30d4715ea6166883863c3fc4e12e3cd7aacaf0ba3d136369d952907933def2e57ac7f2001a5f2bdde88ca4adedb7c8af5fc8678fc1a75591134548bf7c14a9228ba064f08ffe32890f6fa1ad317b6f5c35ab3d1598b707efd01e299cb8913ac9680f9d48a233601bee4a12dadf284ca5edd53b6b0d7e2a97b46746476d614ecca65e057ed08e2336693cd0e686d25373ac9b7f4d158e7c008be0442b1c49ff8628bd3827f55dd3a30d60b0553a3b17c34fba0dd0543b5d5edc4d388dc474394c4a44928cbcadf22d5f9f8b31cbd40ccf297766b66c62c5884a661af50c2be17a5821b6c8bc70d02793a0386a2e5e8c298dee30519e1480541e1c3bb20bbf5eec2b504655d9f956e4ed5eed111c7427ad1b2405ce2a3146350541c6a6269f0adc3c1a7ca625744a76f46153818ae0098cf1a35bf7debcb2535e35532fe53075d8c73a5163d434766b66706cacb5f21ce730e45b5b6f0fab7f631032094cbe0aa86faf792a6b5099752dd0996687acbef2611834e36c413465af8f4a6e9c7b5fcebafd9938216b18c3e5214df3aec37dd8a7aab030af27c308cb9b477b4365842f112ea39acb6b5d03556d04f195b92b1ce542522c56a7ab21454d17ae974f3d09c1af0a08dc6f7dbe61b8e513443c6e2a85ffe777dbb146808b083b8c1b7b7d97531d3c9b1b789525644b556ba174071fc14c7e1a1d705838298686ac25cf48229b4ffeb5977fdb982e8d4f983cc722cf7da7ca5a7e6533481ca4a2d48c2c1deb731495cfd9a4df1091e0952b26cd2ed35d7c84ce80b5459585b37aa37a5ff434ccbbf05765393d34316d413075585aebc367dc4dc549ec69b7dabe4152cf904dbca1420171d79331bba2d413388895b5725f6ab73dcfba73c7be4acd447a9239ba54194e43971f1df1533d3826642abe96228d5adf77fc2b092de0c90857e608780c9b402ee2b1d2776c4878f7b3c2bada4e433c51d25b2e217f0abd83cf82932b828af460b7c29a6c5727f6d7e3f52bdffd1b178707073125a8ff5374920914898a7db805ffe7b0bd5cefc15f6fef2932d36a512998782106a97671b5a0fa2fdcfa737378f1146598dadcc1e73c9398dca82052f0f5deb7e6661a140d76146c1410348708709292e8a8d66ea998fc4663d9ca02319f2c2a76acd6a257074887f51444413e50ddd836bd1da80106888222fd0d8f6be58d5b516c1f4df0d344863b09bdb6471c2ddac8a4ecdbb5797dab71c2706c33b80d99738149fbb24264d2d0ee058f2c8845afd41a3fd4ae4d0683dd164cf80bf5eb7d52458322689b3df2f9e885618e56e2639b75da96bc253e17ecd4680a50d96114e2a9769437025b326a5379af8deb4889febbe6916941c2e4ac5f66f636951d712ab6c6c47136b2b02878353d82a0cbec52739bad17f26bb0bf3aba2ce0c807b24b05d73227e49e0057d66d35bd869bcd8e0a9a0c2ae0bde0712f27ca1a241359b2b088731024465548e6b1fcc16eb33f6fcc7a5e507ba0996cfc880f384ef11e9b2335f2ea273050649f74e67ac7c49075cb1778165f260ad4732e62b19689065fbd6943784a2824d120b2a50e477ebbe9a1045c1412a3c22d06633b1b7a644a7e6b797808d265f0bf0791491012c99f7909ad6fc9e116c24e54bc8545711ecb624ebdb934a382d33fcd6db131482a1ceb9475f87ac286005ad6364bab7bc0993d5ab72d654d72fab92fd5dae2e40b1cb7b7bdae1cccb7cd91d40bb67e475e0f4749892a0bfc7b7d39c6aea98e56b30ec567eeec289cf549d2b5d315b47fcbd41a323da304fdfae4bc5a7ae90e919b7f1f947ecfe6ea9e784f9b12bf0818b4bd4d99c71ddbad73e863fc248882ddbe7fb1daa65f57064f265263fe3804c89fd9e86e20eef159902a23e9b48d0f20feaf7a8ae49461d9506323cef19e7ef2e8cb3aec3dcc19118e030447e6a753c5fc21e13b7f507f0be205cdf172a39aecfe642203b511d2297fb7d2618d6babae0d4cf355d923110419c9c98a0ac2e83c3c404b50ab057611690bd69395fbd6224955887ff6bfc0bd25a5d04d5cd996bfa47b880be165ccbf49c20a178c7e67d855883e2a356ca6e3f9e4bc299c0992f07d7e9d00b270f1819e87bc9764373fc4f6322a871d38781280589385beb99f79d30654488a5787668fef315817626b", 0x1000}, {&(0x7f0000000200)="4af4c9f9c84215e7b82565cbc26fa57d289528b5d1411c09ccc84aa0aa51a1b378332a315f9e922048caf35a1d9f4fe935789e189609b6789e88a081d8cfb4f14d831b37e15d095065de15945617d249b452bd0b78ffdaa8399004ae241ac077d6d4f868add6f2", 0x67}, {&(0x7f0000001440)="1201cb661fafd269ae8f75c6602bec7fee34114e2c6e319c62058d73c2ebb35a71c5ba9dcda86f2848c44a42557d683e718489adcdb20b63c9c2649c1b3d7e05f546915f29a913f1c36f0ae9e1f7c583f26b20157b8d1d8c67f578708177c86e52a8f9cc23d4f3b8a33e3f0cd4b9ec4d72ac1c5b8ff7874b6f7c520743eddb791da9a95e8f5881e84151dbfbe5c0250136f002c995bf9ac94105190e67e9c668a3c2dd2b3120c201212f473b3cce178eff47afce8c5c35e6434582890faeddd77fc9e70860e9fc025e362eda1bcbe6f77481b0d1ae14502465c7b48c52882e729d5500a4a4ce248a272035dc41c6abe0c72425f296f1dd3222a3f5177829434c4f0dc6d9d70e109ef1d41621bf56fc56b395df8ae5d08978c90595c5ecb38eeab7f3fcb12814dc518b545e1e9ee6d467e881e5b84c473254bca99d9ba5784c5adcf0777178079e4930e3d4f29f1f8565ac490b8e810ae49242437beceeafe938278d581f7a9d91d29e3a1ff72854d956dafe560618162acddcb44358d59e43f60f5be9589bdb473350e68dbb1219807074f3ccf3b317d878a8010e00a0b50d82dbcdb0a6451dcb7b2f0ec463d1720052e60a9b32b4704bf86ec8124020f8f7b39791372c4d2a5ce85634c72010cc45420fbe8dde3b8b701a3ad748ae32af51a5b013fa84d7025cdb7bed2d437c84e045d409ece30ceec3ee84f0624ac4faeb10ab8a94ca6fbf8706e8f3e4122044f18decfa5e688d50413bd05073a8410720efb1d1342e731b492790600f4c3d8b3b2f6b90c2b1a37698f8886cb1686e03c4eafc3f98b802019aef6035a97743de095008010a38e94fdc97b1ddb9c6f2d24b986677af2b3d53749322b709db17da2ed76d39dc858dab3af4d72caee1e3dcaf4a1c949b23ae883f729127f798d53edcb57b9809b70ba73e11f5b483a8f8911e76b70653f59cc6099be7b2eaf0f76539ffeefce22b3362aa3271a77e46da9ae053fbdfd7bf07a728ee36add4e6f90c456a60b3ecc723d575cc64a83b0a0eec4562ecb81c1d36bd74b16b15d22e6e58b08796b3dc904472cc9ee095fb952d42ec8408b1351d04cef0e51dcb2b9f19db89eb585b582027a5a5ca4c6a7cf4c0fe1c7057d403bf518952a071fe2a8e7428fe947062a2e343c440aeef45ed61d46bfdd9856b356680c800bf18be48f32f1ae38b0f21312faae033bc92564c21a1862b585ecedae146f9edcd6bc8fe781cee28fe2d460295fcc6cc3d98b77cf68fa6c4e5ca6aea049a6afdc548354a4cc8b74497cc024de86be0ddfb1b2fc29c102298b8a5f20a82bfaaf06ff4c9a623c87df6cbbfc394d40080594bde629fd89fe09e608c461b5cc9c534496d909fa79ab3f0bb5152e5efd5317405a37905aa843c0255c64a0c88a26b08c5b2f1634e248e5db956b8abd0340f351cb3791672e47bdb8b55465921ae0fedfbaca5f8cd072d95d38fa4e4e98e4fc65eae2f0b4c97118e217c9087a54a848dfbfe138b8dc005402b2ee4b23f4ac1a38c77baac5d3dc5ceafa76be67ae5a09fbc9b1c8969e5b5b1d1e2724f415543b684b07b090ced1a2a8f15a3eca1ee32e61cb077686c6692141753bc3667328834bd1ede7140803ddddad0627475b145ee5d9ea704ba81cad62f768d1b8d7a32638631f99eb94f8ca240d665ba4fe906d03d30c5a7057a1972a0b9af2af3d19b41a24cae9099f513165d436feed12874137b03e83eb7b3cdb80c9969cba90803b90b751b72828349fe0c4fed76947814a3062c9a11dbe861f27dedcf01182fe17dfe7a369a5ce0430415c0a9ae47963eab1dce9d690ed81d7bc98737728c8458425fa32bebd267e88191b26663eb91b63dfd0b83160458dd7befd56957ab7ac050f2a43a1d997a05682de34b01e9fcbe730fa249e81ab5ee4d646284fb2becb13e805197b2b6acd239b982179053104529d350db1a22e7770583ea6ec4134694fc32862d6b286a82026beb567b88f18428a6bb496de5687ed14d3c7245b73af1f4dda38b09d9257ea45c9bacf39b557bf27c447aeccdd33318b2620794652f1cc263937de7488ba672d06f949171ecbe69ad6a4b27ad871e1243a34505eb98f5b2ac337fdecd5e77b38376836e651305c90141bf683a3ac7e1ca0e9cd5e1755510bf35ee3622fd811a9770f852c1c2205071c8215962dad60ec4d8547eafc8f0898a7f6e7609ef777d080fa3943b52b8a1aff042d2858658a3d2e39856391d06bce077102d9b415b324239e1f1fa16838603e307894128d7bfbee58e1b36f831db2689b9bccc969079a2aabba6aa3adaadeb264a65bae442a5c85d67011ea3d7a3d7025b27b2337698821371140f97d490fb4512ba2b2eabad31509d95c64995119f6168a7abab362e79b922ed2b58daad90fa2cf5ee8ed64f86ceebed49df0b00a2f74d86dae8fdc22e564ea98398153973dafce94dda9fbdc58da5fcc3f9217c888cdb8ba7ea64f8e2a518bbb6308752515437395f9834a72a109111e898768bfbfae078b8c6dd08b72fc9ecbee845934185dcf4b13c7021d4469beb235d04c39d1f58ba4f75f0345133c725a624dc6b8d72be2529d6a7831771db4c9d3f0bc417cb62c456cf8465f3bf592dce4ec00ce87b89ec16fc33d920123afa21dc938100397d6469842cec7f6794d6b274a44eaac4f3c794ea115a01da1c482a037c395016111dcca265d3582ec05392d5e0d4ae5a1960808faf656deb6b1c8fd0e8c6343663ab353196d8907d52879185bda4b4e94a835c99f99b90feb54dd9dd965aff28ade3a2c1c890d29e5e3ffe8e08de507e116f6e51ee80ac9c1a62ef179448bfa0462454cfdd0ba91c092ded4821c838d2fac1f426bcb23455eacff5a72564f5dc5e105fde3c9043d6042d66648af2d075e6ad4bebdf8f6abfc42f1bdbaba927be6c247f57af419168d80cd8e2c6b22de84705426d8833d79738b2be9cd6889e0d518c83a1892bf99bdf415fa2080c06d6339dff1eb04e7390943ba2245e8042d7b1abe99717ca491964fcbd412d05492293e03e4093f1c5d3e6439ea2fe2ece183bfcb60b681969a46f589ae2a52c2a93e997a3254538b7f085fa709991c14cbf87b4a1dbc2f19e4fdd65331256ebaa3cc0a5d30cf054be1f98897fc360e42e6da51619ed139b464ca45f88b48a8181498d67c7e46691ee3aa07ce2d531dfe1aba6c3a2e5e970941eb12afac3a7908dd15b7252007d0f5b47b1cf77835ac129a079a56d2b55356c57421527cf54b55f21d14d9f362ec35e2ec44d0c72642dea1dfcc19549ae0de5b96847c731141e8423a8baff1f1575ce36649b05fa5f4f3e0974eff0a7666ad8ef52efe345ee27ddd546b024b849b33b8badc8d9d62e0307e64feb64dc26687e3d7c5223e8b8a0051ecb63e859b9eb11e4058859c105ca25a2dce2562f74e5248df98d677a0d8ca18c3d65d25e8f7f8b45f00c97a6a7bcf78c583f67288a39f7101e534830a6793cd5ab9eb1d5b5e303d949fe42c794572527a02a2a00f970bc52f54afd23110aa921343a012b4714766395cf6204eedb97936759092db8bec0af8d3351c3aae03afa0c2653514a575cff3b40fae28adbc6f17d90a3e9d80e8caece425435270eab7323d63f66c6e63321a51cf2be2a54dd0c05730e67c60162bd6dc2db1551b4acfb8d6a1283ca5aaa001b585f5c79d3beca47fd8add2abf91d76452e427c2972138cb6815ac599bbfc3bf479608aae3043be6a68f61498d8a40b8142c64c9fe78ee939ad6436b9127426d982dce91df5f72434aba979a4a54e9f1dd6b207432b36ca81e50de624c7c5d3fb7293e03ac99f218c0075c89881b6a8650afa0b3ad922b29575d1776fec98c4cc078a7b1e851ee819536c89ffefc68d607406fcdde79b908df6abdf2bf43a29694edfc52e022e41deb466945b1b9e5bb30b20731186e812a0b7f4f656faf45a9fdcce284f6a0c2afad021543e9a639656f5351ce34188696519d943d972e25374e05b51a567c518a3dc353020d32d8812dd17d40ab9d6a73cc5874f9b43b023950980df5336052bf2f4ffbf45f795b2a151c06ec07a5193c9afd07ed860742a7dcd53ee9ec389ade39946ae2c6f202d9e716ebbe0905d68885dcbd25a8bc4e8dc5869192b31c75af29e48550514a908934c942ec1502072c436ad00d6981b985f7d7ca6fb23c285b98c5b7483b3bce4c23fc1766e182e0a23d795110c514c8335f26dea3ba93e1168e34847ff53b45df6fa93047b6061c5169eeefb3b1e301f02fc84539f280569b5e0edfa2174c3d30fe0efb88f36c6049f04ad5e9d0f7a9f153d659c328a4c6c0913309885d80cd99f12e725cc1cc4c606082b7f947c3f038a736e7a8f45cb8b0c0529704faea2370357217c0c377b18c8b680b687870c7a7e432bf58d83e05c47dfa1033b964c8358a1342ee2f2e6c7912819a53505eb49c25f8a6e2b3f823aae083d5167a34d585fc12fd4d945f5c701e9f5b5016e8981ecca5413f9c160a4a97eda3be88652a1069dbd8453eafa9dfc1adafdffa5265e8e9914315abe04a05b620958f9e40e60b691e9a6291eb089171441f5208fffb16e32ba7fb6b1d6886329fc2de9a05cddc5fc4f0dc1ca9277cedd19f15a737a8dd0d3e3b10a6284a670c01893a079ad5df5b4f3c78ed5e2875ec3c702b1e748cf5593d12a722e58521514dd35e043b7dfaa1f389065653ce1e1ea9aa0751eacc8e1198df5aadb04de1962922b6f6af99f7791603c622ad64971b7d4456489d80b85d31c4f7e2a7949cd2f4aebd215e2cf859ec63d7c759691043cc6080e3ff0dc5026d98398ef1dd1a7b28c584fa8ac423ef76c6dafa398f754774c16d449f6b248bb12c53c9e6ea993471a26883ee69c5ef49e5ecdd078ad7a20be658f98a9e7aa876d00ba6906ed92fbda10e59557c7b04ef7d4bbbc51de402be0e1b97e1e7c3e1a808869a2cca4125dc27e6440ad8e22ccfeab00041a5ed63efc56a9ae9929363f056a3f9915950617221f15f38c1dda74f2b5012ae558dd2dd0ef2bcc11fccb726bfefb515bac13ba385ac67edc1aff170a4f3290288c39aa25e9873cd6edd217f97449a386a5c52a2299f4297c93c3742e09661ca02b6d086dcd39af79fc8c0be50f6467949c2a6fb205ba385cd7fc658bab86443f185e6a8dd7eb4cb507fceb2b08c7c8d19fb444d55be00b098fff474c95a05da513e9d33220c47eac36b5ad71eba36b3ea4fc7de79bc576710a197a271efca7a72750240d91bd84b954df8afa1bd2be3cc07d2b33fa0bcc2c0298deb65ff39130a815bc910f26d0df2a273abd23044df6ffe68d8d488506c67e4d5def59de6f69de8e1802d3dcedd29a4886d0f86c70b8b3ddb06ad4dcfc4f9fb6e3b369453a2711afe10521c43c520aa6eeb65d7315db30cae676dad33a2cc89eb518850dbbda62c065bf58dab6203a5da996c0f109188ba635c80f89d40a9cea2115cb3eec2b4582ef2b8d0d6eb74d77a725287bfab310fb759c1e46e6fd7fb18fd373e556fee35ff16273fd02f7a26bcd900dc9de96442d2ba07e2ba32c5f17358b906e04bac38a4ee54a7a8cc3faa97d3cf770a52bce867bfea18bbe0e23c825e9d41689a4b05cc0c35c159d71f6ed25b9a54975f17446ab0fefa790443ef395c86681694f310d43234229fca88c2962625f3f0172d85aa204d0b7d3131e1183985cd6ad354b7722a451828bc91f2950132bf83d090d15983e8b02b37a319ee6e5aec8d51e32e48c15fa7d86e3fa2723e47dd25c17ba0d89f1eab72c0", 0x1000}, {&(0x7f0000000280)="ec36219c4e42b6cabc83048e1b66ad31f3d8227ca5ffcb082d413a9884453074c44a6d50b67feca928c71be130d30dbff8b55545471315ca50e4180898c81c26a6c36536143903ecc64b7da58e3c8e22d7eded530f302ad884c38e2c92de6c9760cd29df26adfee531537aaf2810e6700a9c543e4aa8ffdbcd8d973e720977ec776a31410d098c6f449384105ba9a3fbd354e4bab15df101ec68", 0x9a}, {&(0x7f0000000000)="57e6c78d14fe9789e5feed482fb3c6ca8412a2e9e803f63090375d29f034d337c97c375f802ace", 0x27}], 0x5, 0x0, 0x0, 0x10}, 0x20008000)
r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r2, 0x208200)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r3, r3, 0x0, 0x8080fffffffe)

[ 1480.052096] Bluetooth: Unknown HCI packet type 5e
[ 1480.061162] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1480.070631] Bluetooth: Unknown HCI packet type 43
[ 1480.083510] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5133 sclass=netlink_route_socket pig=20703 comm=syz-executor.4
[ 1480.109598] Bluetooth: Unknown HCI packet type 5e
[ 1480.112071] tmpfs: No value for mount option 'sÞ¹ü¯žGEY‰¥Ü©4òü>‰ºïM3pZÐghË›ÐÃæâ9¿Â£à²n²�×	Û'
[ 1480.117345] Bluetooth: Unknown HCI packet type 50
[ 1480.133276] Bluetooth: Unknown HCI packet type 5e
[ 1480.140033] Bluetooth: Unknown HCI packet type 40
[ 1480.146889] hfs: gid requires an argument
[ 1480.151080] hfs: unable to parse mount options
[ 1480.159349] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28481 sclass=netlink_route_socket pig=20712 comm=syz-executor.2
[ 1480.253165] tmpfs: No value for mount option 'sÞ¹ü¯žGEY‰¥Ü©4òü>‰ºïM3pZÐghË›ÐÃæâ9¿Â£à²n²�×	Û'
[ 1480.317073] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=28481 sclass=netlink_route_socket pig=20727 comm=syz-executor.2
03:59:01 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14)

03:59:01 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:01 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

[ 1480.722574] Bluetooth: Unknown HCI packet type 5e
[ 1480.728038] Bluetooth: Unknown HCI packet type 43
[ 1480.733202] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1480.754153] Bluetooth: Unknown HCI packet type 5e
[ 1480.768912] Bluetooth: Unknown HCI packet type 50
[ 1480.777409] Bluetooth: Unknown HCI packet type 5e
[ 1480.782712] Bluetooth: Unknown HCI packet type 40
[ 1480.804650] Bluetooth: hci0 command 0x1003 tx timeout
[ 1480.813572] Bluetooth: hci0 sending frame failed (-49)
[ 1480.884552] Bluetooth: hci3 command 0x1003 tx timeout
[ 1480.890004] Bluetooth: hci3 sending frame failed (-49)
[ 1482.084337] Bluetooth: hci1 command 0x1003 tx timeout
[ 1482.089695] Bluetooth: hci1 sending frame failed (-49)
[ 1482.724267] Bluetooth: hci2 command 0x1003 tx timeout
[ 1482.729586] Bluetooth: hci2 sending frame failed (-49)
[ 1482.884284] Bluetooth: hci0 command 0x1001 tx timeout
[ 1482.889762] Bluetooth: hci0 sending frame failed (-49)
[ 1482.964339] Bluetooth: hci3 command 0x1001 tx timeout
[ 1482.971756] Bluetooth: hci3 sending frame failed (-49)
[ 1484.164232] Bluetooth: hci1 command 0x1001 tx timeout
[ 1484.169593] Bluetooth: hci1 sending frame failed (-49)
[ 1484.804203] Bluetooth: hci2 command 0x1001 tx timeout
[ 1484.809715] Bluetooth: hci2 sending frame failed (-49)
[ 1484.964172] Bluetooth: hci0 command 0x1009 tx timeout
[ 1485.044229] Bluetooth: hci3 command 0x1009 tx timeout
[ 1486.244115] Bluetooth: hci1 command 0x1009 tx timeout
[ 1486.884046] Bluetooth: hci2 command 0x1009 tx timeout
03:59:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, 0x0)

03:59:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:09 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0xa, &(0x7f0000002580)=[{&(0x7f0000000140)="8ee04c356a1017c129cd9e834b1178dcf45af2577696e0db2c", 0x19, 0x200}, {&(0x7f0000000180)="251d6c27dd294237078c7df5c2e920e76b", 0x11, 0x10000}, {&(0x7f0000000200)="27c8aafa3b3685ce116ff13037b8050370debb67e0105a6529f0ba59f7b2f8cdbd8a16f3a2d6f1939e6482b34984ea3fff29dd731cc1e5302902f4e757c1a03311a953a8e75c07282c3907c24d13c0c76ab1e8fbccb8b9f42beae58bbbf76a5bf0c94ea3683426b1d0990112e1605007d78b7d8a2bbd8aa3e5e876d87d20ea56785d56cb5aef28ccae4074a0a630842f5c895d523ab044102e19c540b0bff84ff8421ac3692ce816aa00", 0xaa}, {&(0x7f0000000440)="971eb5eef7b8f410bdea467aed5639874e54c4bfd4d3b76d9002e8943dbee6138faaebe86435e69647bbdb173bf870d8625c0a3c1c52fe4e051f7e9f8090d3b2ca73563ab144c8dfe71d4fdd243ead1a44049feba3ee5e029a8620491ab8cda36eaac54463c709a9f33760ac7d4f70c0953a538a3921810b218e67b6abad2202d229086d26d5aba6fc4bcf702aaea5353d1676098731aecf90307679988e2064b983d3bfe0cbb658cbe52fe5748df049d896fab1e90c6fdb13f6722c0107b02f14f7a24402b3490e0b0b8aced8ba39189886179a011e28f5441f7c79f33e3b320eb3bc5bdc91a4f667cb876ebe982ef312425028f974c3f4e34a5253a9e053ef73aafbc656d94b7d38af6e928d73dd9a71ede86ebb244dea505b76ffb2e212badc71705aacba6f37a5ee2b7d9c2fbb2109d53dfd1b03f6e357cd56a4a7677e4032bb12edc57e6e68e79dec0c77be10c4e20d4ac12443d082434ad1204941b9ad2790af2e8ae8c2d0f899c2ac71aa77e7bdfd8b1279cdd7206b1c04fe2fc861e99c899546e1b0b861e74dcfb0ac38b51ab8343b2e8a93fd89d03f83d6fca8a3681f5efee163fbb0ce41a8575623c056cb5ef5b9598ef23aa889039e35e9e46bacb1b8a6541713fc2a350aa96af9bf92c722b6cd94d7a017ccc2558f740ed8e3168bb447fcca2b211ddd9be11dac05e88edbf510c48408caacb8b5de4735284a16efdffb091d245ea9809f41bdaf99aaa293dcdf217827724d901910be9a64fe5b259caa7312a00cc3c3ce7b60562b3f6985376199265afae3d84c1fafacf8b819734486810e4a1cbc23088c4ef3a0aa98049be8fa036f7f545a42cbdfbf42eca8e297fb417918538e6c89c5bf7783c80802eb508401415553d3e02e006b57be0691a8e5ef4760631fdb463440f7a0a1c446a7c6b298e0ffbe8065ed4f4080eb7f8d0f6eec735372e4a71f1ca714aac3e76dbf49a2d0c2fd4b5562f2710ff164c57524391d20979b2edfe9af1c8559a501e60543e076981f1eb89cc054171cc164f12a24f4698347131791c6ba23b30d212d02becf2e78fab14d53147aabcc69a212afb5f08f3b619692e89a53d4267222ace990e4168cff719ff3cb42c55fc8be993520e1d5c1357e581ae8e978d37d96e13c36ac923b9650e33f476f9f915d4e1d42933d2acb5162af5fbadd48dbeccb5bc36c7ff6d13fff06765b352f47901e4200623ed34fecb703c8d558539ddd5e96cb06b766c703a4e9e38977a1893ea57a7346fd3e7179fb42fe5dcb302779c7dccfa601f33e43bbec32eadba775e0d37f58958b300748e65b6d71640d5144cd8dd7d1932f43d6b52f784066e8ce57ea781cedd38a9393f5e4180e631c87d821c20037b3ebf8b8074ae4e8dfe5e643428a7c4c24912ffa066c884c6d8dcd367a982c59af87660c17529b68c363c61c2c7f2ce422cbdf473c5aa5a9383a0297c898cb0843e2cae3ea99301d833840d224db533ea8f813b6347b495dc5025726ea7567c9f882ed8ef7d4e88ff6c15cea084b293901d7b35873ecc45cf474872039442d061745f5780a178ea6f00692f2dcaa56cd89a4547bbf9f48330acfdae923fa2122db65469d7dd114876fbd51f802fa413e1857728bc6736443dfa2e1f3c3dddb0c6c583955514861ae0ac3e940ec0b6251b44b0ffa66c47981de7c520de46f685298faaf5ba329264c31a7fafa266489194aab83d2423ff438b7e9b1d659d5c9a1ef15e0e666d613197abbda8d6acaa7ef7e144f18944d7f24df7f86aa89ea502ee50590ed7b6c59d88ded784cc38a0718cc03f94bb3376f427d6d26ad89ebc9ceb4e4c82a9d9e4d17b92a9fc70dedd2e928db7ef8c3d4494da3dddd41b9291e34b54117316fd13c9d75e2c3bc1715995b337bca00a6899ba2b2aace7d180a0af9677ad165a6c6003f07c0de2a32e8f91d9652a78b0af2b2e17b1778b59fc53b3be415a4c61bb26b8bf86a979882591b03f79d9bc4f598b9fdff433ae8da3e31edd154eec36e06bad4e2710030100670183738a99c04b0033ef6e5b0b59bb077e147868a0f01dd1faeb1260c7050e4d1a626e8e7665f6bfe7f9fce845990f16a407f12af28bb26c86cda41285650cc1bc6df608edc286433de49a134a1693971a9e3bc570a04c6385acc555f592ae27fdb5fec4e7749e8ddbde6de3246da9b5b9a4710d9af7b2c77d52b4bc41126a6d99d584878be0fb5adb0334002c1890d2585d421938543a7bc283289211fcb367643c5e53b1e9df71daa2b42183e55436e49e29a88e25341f15e0578c6fbfd44ef2cc446c20ebf4b70397a0958a6c2fef03dff603691243b103519bbe99d90f204e433f7ccd8416410308d5090820de9221386e42b9399dd27afbe5c2d4334037733c484ac61af3362af486a913a743d0c885e2cb1b3b39257f44489d78c5ff27e00869b014aae49102a7d8b0f2f6b7106ad0c6d85653773f26e3cf1c68753d1308398f29d769b2069a70fbb34ec332cd9881e19b5e02489133ea233e120adcc8a25f4f3b7bece7e4817d61e6244c9923518d60e48f1a06f350f64e0d958aa63b5a646cbe21cee6f642ebfdc221ee6ef47c8b3392ede9422cf276c0ece6d8b31fda49a233928d2c2cc9ca8b834ab0a1c645b4956d3b68af6cfab97a38fdcc85c5b3a4cdce63c19c2846fcb2b2650e7c712a3118d705fac0d62296319d1669494e719197e59f9656e88b313f7fda3c7ae27b9254a283caa7e028513510ca897a745568f50e5d11d3480da5a8dda454e3efddfad96e95328b0736a702694c3236d5aa3da05b8bba56573d20bbd3e76529b2e62162a611dfd1ad40994152492888675fe4aa8327bfdf170f2b177daa0c685bf01d786b60c7c56f44c190fec44f2a44510c1c7b6ba9128c8092453e87dd024aed1ac7f02b89bee2dfa3de38fb3299b395b00be75a75d9feed5dde93a694a15a334b8f6f39d42b6dc3e6fe73373eb02b6272842155743c80119c9a0af38a6fcdae061f12e3eef0b1d98f208125e8d89f8c34897cd1c9e68b3b58ac9e9697724f7a34b268b61689198afbb903c4df7c0656beb894b80145abd966a66da5b73b91abb3aac039da12297bb3d3517c9d93df2ed9f6068c533c8282dc82b8f62ec06f028f1183339120f9285532189d78a3d6ac1256fa4a99e98eaed73c8cd57c113ab5a031097ddf7b69b8d8ef55bce69567f6159e303a3810d4a615a2597317cab9afbe3753ccb5924a12f4fdfbb0fa43db8838684e76640de053db7aa4a6081fe2ca33d727b694ce81c0d92fbdf48704f25346daecab101ac19ab864c12fa24304846c98623ad1a500e2bc6a4708d3b7b993b27566c8ebeac5eebfaa4d3679fc48bd441de223ae15606a44caac15c043122cfd318b0fdbc3722f4b7544cdbf1c2a1ced290896e8bd3771896632294cc2dca3e6e2d437ad1cdc0578cddaf233d3f8818a51a67e0a3e4822aa438d3668c715eb4de74d5d65f6dbf3f7372e021e53e993b437217f3bc0373c0d1580858be48403d04d7544cfc967e5eb17971709f9ce17b4e96cf51b601c24d06452e62eba82dc4d85d0afd4b8069af858b99227d9110a5ac811fad2284935eb367ce2ed8c1022a4cc84759ffd9fefbbd2925094da11d661a6fd70f17b34875634c6d6dcedca107a9f52e21cfc0ba27cbd07231e39eb13c5ecfcbc7cbd6b6adc0aadf9b819a2e92eefb01209e8b43c0a3a1443613fa7d70c2dd62e8e4b3f877fae6e8c50ce4d54d9cf798b363aa5f2af734289281b203ce4fd6d04bebe9325fd7470775762a1ea28d4737e70e7aa85401d0cd6daa7061823462cb8531ad0c303ec0519a26f367b15abb72aba8a5fd4bcb54717a636752bfa60db2c4e17d06b14786d06daade02e1d3118eb55b70b9fd8abbc2807cb6ec8c638f39bdde944639efeec769310408cd059917e4ac74982cb4e1a0a21c06646871dcfaab20e23ba7e49c54725f707eb005154753754ab15c8942c9ba34c8e9f3427f025969925f511c4701af47b86343d6bf1976a801a1bc3e30a32f817936a51841d325d76b4e481d269fdc8863000a2061734cd4163810d358db5b461b9611082bc65b443fbb929f5eb0e974cc7e03f5aa44a3c6eaf0af2244476ac4388813c01861e59c7fb7f226d77c98e1a7e7717c1988d2f80494b8acea412ca6be70e728b0f552371ca56ff8715e08e943ac89d9a0f089318f9807d41128f15fb2c8a9907df55401ae4949f58db176ac863726d7560a6efb0472bd069362c12f4cadd4715c7f1a89d2885060ad4f8fad47f45bb9a6090a8a9eebd3179f1204a9ba1cade86d7abac82e9e3c6588482d147abb43dc46b25a19e021ae19c4be3ab1f9abc2221d080357e80b82b4919b87037506eecb96ccfef0e7f111cb8eb7a04c2834b1daa510cf786a4fa7016c928fd8ae3e0f03223e1ea5401ad3d4b6481d6e9908ac8b400e95d06874eb77a187b41d4846e2da4f85c634433b79bbc468fe8b91329973cdba5b570f5f53fb90b11546663f3209ee3930a556a782c39908603692e3454047e054a9afb255628c85c3c7d5515fe22ad093de7adc49113da7720366b46e673b88d53c2a0793eebdd734d6340065a0283158fe61d9417d1d1f3229af5486fda8a2f6582d6449040e09d9ec4dee3a1ca9438d9532278a212e1afaff0fca28bd842c3bb897cf2993693939f7106b76685b18225fc5796a91d602ab94663961508e0a94d71f916835e9326919b4da7ed3b1d3637410e6953e7611183eef02697e0454ab933721e10092f8e9a455f6394bf189bd4410970389a10faf953c17b0ebfdce5f01e0e7ff6f2929a88eec490ec1d39483df82c4fe2e415cbc7d073c8862dca9ee59949557c0bc74afb6eed409588c44625cf8cb9d849fbf328f7c0c5773dc14109bf39fc4a8637691c3369d03a7b394b56be1bf85ad3ee8ccde5de7598aa88515d3990d7ca7c1271b3e826aa918abdf4ebf2cda2ad835279b6d5f48c07d020dcdd8b654ff18fab601d91021d19f857b9afaede61134463baf985c3417ea11fc7baa3ba21ffb8037033dab98a3c8ae0e5eca519ea33bbb5b99ebbfb9fbf45eaf1ad1a90e6ff7424daf31cb8c10b75afd069849dc98fc97ab61b5c6894cdb53cc5c36fd6147428e05be5f324abb10880fdf497e0a39801297a1a3c103dea6c5ab52ebe34dfc8bd1cf2329517ff3f79e57e73f228f00c32e64daa13aaf6c2bcad7eb6ceb057990c9c95f3183f5071f2fdb99d64aa560e6775dc0d8eaa0afae695bbccdaca0cd0a172e97e1cd8c0f7ab2fbba51b6c6737af181e42bcce32944b548651ddfcc372634f206142540c1a8106fba590e12c94110bfb2ad711bdd77d206365e1f80d5ba8a4a6d01ad9151afb633b32480381799215aec94bd5661197fda2449ad43489db9090284e9bb1741bba5daf58784b35da3f23a6af119ffdf51834a88d2e48c6012f031ceec245a2425b7ae7baaea8c8d1774765f86528ab95a505634fd93e1a6067097afa400a5f61fe1618f5d8782755d8805ce295b07403cc3c87618a89da2ba4b8eb10e386b39bfe80b17654dded38e7d638962b2cf8201322f06d08bc4eaf5977d8f7bb9821dfe2d4bfc528043f0a2e1074e33ec730c73da6ed1f72ba5f3de610115cf24eba03826a0cd64af296f19c6c4d3f87e770c4811fc9b39b5369da4990fd075daa5fcd83928e8e2defa7883f06f0d51ada39e51fec84eee66d385b5c076a0827a7369bb35632f29bc047579bdd9ea0d05052dc4c7cfa6c344e17a0fb21e23", 0x1000, 0x9}, {&(0x7f00000002c0)="060932f0868685e8606b4346bfc7d1797403032c7484bf30bdd49a32aabea0437762fcbdc187ae5e9116ada25c32f29064cfaa028743184e868058f10f34f44b431a0ec827", 0x45, 0x3}, {&(0x7f0000001440)="b7f29a8b9d317d8302ac60c5b066cc24b64e9a8d1915bce459fe53374e6a0a2ccae9d9b9b425d44421203dae2f16736a2a7f08cb79e369885c96574d4318c894d6ea5b63485d99c3d2f661413a99effdfb1b5224eddb30acb88a7f04c218aecbb14c8a11831a613afa3e3def1553ec7515642f501e2a3a7964017f3b4980e1056fd3c3a513ed5b6ec441e222f20358ccd27aebd412f44f4c4be3769860403129dcc577020fcff7c71ca3119ea7761d7fb7287e19856c37bfd3fbf3deea065b05b35e145225d2415925788c9a0da02deb562f812a8787cc443c34366ca2d8b11105b1f5fe62f838b6470cf4b00b23685c588fe516109ce74323e230ad0bdce27170e9593ef88662ac8131e43af2b0fbfea65dcd8f1221e5da27f4e7cab6ca65ab7539992360fea11df64a30222473c52f51829755639eb2625c96979d3581a02dc47ad63cc80dc4108ecc2e07f144bdbeb3b74beac1d0df0e205afb2f6a95a12f39bee3c83d9579d36604193012fa84e78a9957a277d0f935c977a2c652c8226e7748943521aaef256ffb7e0eb60202ff049c1fc0f894314c11a5493156df776440ace8bccb3e9a422aace48b68852cd16203654467bff966e0e268e59726ee29c8c8251a523ba3d4636c0bc453c5ab57ddec86fc3503cdbadc16e799ecba43cc3d55f7d018ed5a52f9fcaad7ef1c4c1bcc3a1524281ffcad3005e6debd10289621205e8cda547e6252d60053dfccd9f720a62e5f482b77e932071944a635f7bbc578d64193154e595ee625a49f51fd106a167d10855dbb63a4a5a8c138d11521624312fb240ea139a574e41d1d8d72b062b9c51957d7d5ecf244d522ebae2f75b04d42e81c3e53e1bb8120ac9537ba577dd44cfddef979d3d1ba3c679b1d264fd063520cc84b151b560626d1ddc6324cee7f130d188a334bbbc648c1267f97d8e95f00681d9157034272e683ca46dc738092d0d598fcea52cda9b0a7a41650dd1eec15e85fc8faf3a41dd27d38839b048ef81944448db407d5e2a8554435cb1b2ba1929aea917291fbbf39da9d44871546292909c4683aa5356f950b18204529e0443c25f41fe6195141a48e55da90dfbfa039e4f91214515e45b4eb5a3ad28c5634f8543289849d61bea226e5d4214eea47a25dc85f5a8a8e9553c77d506302c25f14e009be14036f9955b3e4a02e6eb1485a22980c51c41bd522f0f9ffffe39abbf8bea0b983571dd67fc7d3e7acd6d27ddd540a01187bd6a24bd777fbe3309117f7adfb7f16701d02dc60db604d77d168b8b6ab7aad71b1eda35c537ef3f7c7c4bcdc1add9ac118eace3a06e43d4a90354ac138fca0775e3ea151186b751631635b0d6b11d05157e7dac3a229feda76768e8cb959fec36b47e425465bf2124c222e3aee34b2230354f15f574734cfb74b618a2e1cdd833744f08fba14a9c8c22ee6f5485faa64511afbfd9044f2a82c4689a3e4ed85c7fbb9273bb4430459a8e4ba8c1f9ce778be690908b00692b079dd302e57ff4361b349588ee129a05fa3e117bb4b22b15487386d42e4ca6b303cd8843cff066c4409567813c40d364f8e10d43477176ea49a1c2901bdd3f71f89c91b40e918a3b65f371b26fdcaa2724ea9bf706a585b7761fc46eb29740c4d460e277d0ab7e3bb15c5c31432f082afbbe363ddc44cb453e6960ac1e9c62f55b18dde13b3f0c98c06ed0db9e83559ee98d21d67008cde5bf87eea3788d3c2f3ea7e603907e5e4a20b934f75e0c979ce3ec88257d7ce7454ca9218c2eb79a8e092603047c521806eea4c1617deef1f1d2fb8b37f1c852020f51dc8bad59787295a93047ef233b1780e01c2a014e1221094422ee86cdfe12ae5ce375fbf4f479351c128ff19d3a4bd5b66be4e3d7b21bd510c771bbfca913f20ed24f6d3693ee688cdebdc2386c7e6c41c4385622af34c7579fe795be51fbd86ade4cded55ecf6efc8f5cd478c68ccea4f07843c8f604e54821d4dca6db50475015e01fb1f188cb9f00787cfc4e3e90db5c4c43b8c76cfad5aee313b1fbb53556a79a8b5605e34f71506fbe91611cf29088604c1e9aac911a94b7fcd3747e76386b5e0a1950c2c6c762728681907b5fd445562326b03530ae22c5cb91e5501a4e7f42ad62e414a37f67e2ed1853f26416eee6c41de706fa54e3c4b245fe39858b8871cfb1c3aaf527a7aec7cbdfd7e5e976fe1264badb98db6a07090c384095fe8c464ca12bb988623cee8426aa24d72c9f37dbab16294b680fc1733ccf7a7114cc51695714bd909b397a6379d4dc884117cde0b7c3101156fc3333bceeb1801bf1ad4ca55d22092fe1ce366e1ad1b76ade99811f2af95daaa5414692e042735f457b88bce3fda2b85b1744d0ecf694ece903f2a9b7ebc6ed1ac52a981186a217af7a88ea6bdb2a73197ed37a764c4a9cd7d3db5ecb0ed44cc4a7d1357baacec520a43d8b90834922cea349770eda61e7facb3ab43075ad52ce69180c49069b2442f7fd63fb94962325f37139cd96bc768fc261a59ddfc2e9ad3437a85d825bc4c2fd832703421fc8361ef3beeecea8666727051550bd28270e17a785b18f6fd49cef8b4e93e9838eeefa85575658f9dae5ea52e43e1f961097aa5b6b6bf6ce08a8cdff66392f4f4e7c7c139b43be2f42763a405b58f7a92bc33b42c57bd43e64ccc527592a68c941aedb566ed46f91ac3602fb5ec656762c1e689c2470c92e9ae0da8e85886005702a96ee80eeb608ef4429434ad8c91e6a2a0703fdf4ef05672c464a96982078959adcfd97168dc8765ff5ad282f2322ba5aaf3d35664eb718d9b6b93a2e29fb5399992097b24a4fbf4d746d238075cb6af7ab4a24d7562a87c80a8d2c4d0c04bdcb3b65663ad9d1e76086b0c4d0e66a450639a56ceef2ed64010b287798dd5123496bd598c55022e4251f1c2dc3945ca48022e2783d64f703c4613055d817749a9994a938010163a53ab0163b73c497a644aa9c6ab760a7791d835d36f8e18f0e0374c2bf6dc00dbcff7cdbe67d237423032ec211c4c949a7c435fc04065e2f50ca9af7129d61cdb552df29e234c3342358a7e79ebf6a6e2de272b417185ec8b30a928f464957e5cdd2cc85a4aec3d80541add3ae0b5fcad530bd706808695457e49d80e8ca7d201d351cfe1db6a97764c8de89ec48a699ca239c9afa5a38531488911d48171db995b26ac5e4237bd4a094e03c00ea35a9853ad6214121332e16724c8c372b6c33139bcaa4350803e91f72f5d386fcecf17161e9712c9ffb6983b3e9a42ba9399fc547ec59f3766d2a15db2a91513384254388629aacb10cb72b57c9a9f142af4cf1df0f2570cb857a3303b1a0e24e9c35a6ad281401d019e7bd99c5e45a0163e7274b8f38eb16cbcb2c423b2d2041c984d0ba7293df288cfbba4206eda0d07d3fa0dec95b4cb13e753d686220a8920d365aa4ee2dbddbb852132dddff3de7a93544184556e226ae6f606d660dfb3d17509e8bd232bec3fe1244815539175c2aa2310f7118c95fa18517832752fcbd08e1fcd26c7628767ffb26402f4d6e4bea42cfdd1eeb6150c064618d24b59e1135b8aa6030f05e5438fc0f3783711ac6e314edae7e10fa0a3fad582d863a711620d36f59e6614c6580a983fc708cfa04c55341770f11905fc2b5b432e12f1a6a6052797c0116782d71b0c3aefbb2539b833362c7e5962b227c77bed691fe71477d2714fc5c2b627cd033457e7917ebbc1083963d5dece4e83a5efdf74f22d35cfed7e8226406c1c877ff149817c3e28064adb9efc690677385318bed347f1b05d77104121f1f336435c91ec2019a21ba05b2710abb299182636ea6bdba48a69e8f2252d7658c5fc3a5bc62d520256bcb4ad4400b67b8afe2482125634376fde095d266770b751f177ef25fb27a39f06e8ace44dbfc5eaaebaaa343ce27bdfcc8ba0835428125f3b019737ef41c6b0ee606f39b66e5e5af122c4e3dad1b217c7a81b855ab2ed619635e8781e5ae7f04fe363e088c47f417e5ece57252765cd590ae9f76ee12096bc8a2d74e554039362823f604d431f539f3f21255a3eafcac8945187e38f936b75e4092f9fb62d919ed8a80c2dfa091336655ffb63b51f014c8bd91e57fbe8a8ce041be02d79b6adc0cfcb42fc47c677d3ee28dca3f39790776a5b8361c8a7341743ab089458725c1ba52c95003378feab8ee68ccc062e3d8cdefbc5f992ebcf9ab6a20f86c92144a1a85a66de21050932b9ed1feae02506725501b8ec2af36d13cedf2732c40f4476b1046a12fc258364d8cac6ab1d312dbfd94d56322f9ba2a634dcdc121bd55a5a60dfe208aa9735ca21f79d0e4f207981646a58f6da9a4b99d3460cf82d6328d971cc2c7c6b3e835caf8760ab948ab3c0dd0331074f2607a97e10325a1afe4a8bfe36e6c95c9735a2c3d0464730ade5a6be0de5645d4904962eff159d914f5c39fae32b6ec59f330e70ba8c08035e3ef3ab0e9eaa930ecf6b41fd9ec36c84c04da2bff18f4914eda4fa605e0e3f6a5d53c5f663020daf484feffa63cc5f18d149aba08702bb2b595cdebe9872b44087d4ee167b5bc2e99fccafc23e735e85eaff94175f9bd8613a5240a6818479f757138f26dd8d1e8e2191b1aa37a1661f4d0dbd31a0b556316ba567e69dfa7ab5c0a2eec1458c04ef5bc6c06ab7e6c5bf4cce1a005e01e4c9b3c8dc1e48b8b6a63f434c850d58606f947026e825f010a6dd2e2ea86b0e7165986f1ce59c41309d41323698339d34bc30fa4cd482874e33909b6cc150f1cc3ad5c153b24c14d5f9cad52b818b0fdcbcd3373afac0870de09c4516f8c354c2b73b275b11d9e650a91604547f3dde5c273569f6e8d8e6eff3ad22578c96622ad58d2e399823c62939ddca369a2dd2afdfd177d26f45b311d3cddf922544a721614e87701455a17c29e1659a3284179526a03e660e5e4f9f45de5f7dfa447664d620052bab26f3925fd175d9b26f5a8380303f6e20d3fa3a26b726dfd1232553956110b98e4e2a39f796b7694093695c8b48ae50707bf56dd7d165ce83c17804039aeaad4c36be15034c2bc9e0faf0edb3646a6beca511dafa47e79eb3632e5d6aa14d5d46d2061517183230e7949602df79664e431861507414f336a1ab30c2b82109c513809fb97cf369e8c3f4808c6ee00a9e30c467e930532ab50d8935a61187f52fd80810a8876200af6eee9eee0d500e6d670a074a798288d181fca81cdf83e5f057936d70a2b48b258893e689317e0b3e6cf23dc473c4dc011d638a6ae582944818b67660f6798cec7889a1f026f87d8786b2e7f1d862db48c6a049b6c93411f8f31661adde39896d1ba5d88434416203ca6e927753ad7435ca41b86f70252aa0cd2e1365977a7c1d42d331d49be4500a1d5aad430a404157f1424e94b6e8276ce9e32f36f4acbf7c4ade8462a4cf4aacebc095430003e042287cd2522806a410ec701e08310ed60d7b4081bc7ffb53f895e739256324d563d19ceac76d85e04cec3d9217101702b57b2db01f1e7ee1737df9465f054a0e6a46c4d84a4037bc28e6e87b0d2873a0b0c366eaa53a81addd54c918b685b590a81b7c6003867d6cf30aa93aa48babb921051e31654ddad0ba73dee2a0013e214d76795f205ff3d1bd8a80c8368f49f05e8c2c3f473d1cbc8f08a0c456fc3c9084b0cc4c582b4d538e616d029008ddb75b86a4fd70eb322bf9d1d906555b009016047ecfad11627bfa269097cc551de40e639df19840e8f79ae58040e633760da262e9f5922323556560", 0x1000, 0x100000000}, {&(0x7f0000000380)="d77435f44f35ca38", 0x8, 0x101}, {&(0x7f0000002440)="5a83a9fbf5d3df52f51576dd93b2820052826775c4e4e7aa45c058eda731a093171e8fb5e147bf2031bb1a8e16f63af9760f1bd651c8e2ab6ae876e58677f432b3ba08", 0x43, 0x7}, {&(0x7f00000024c0)="3114ef6537b28caeaaa2a9cef8c3765510115314f2c4544788dff3af5bdf30cfb7e5783db17e407cedcbaf0b6cf9afb87fe25acc35e0e98756a0e33b12975f946a26e441f606ce0069910282f26af88ab9fffee7c2d251cf334c959719484cb8fdecfe734fbb59a939babb9968b77b1391ae38572ec1dcf4d122828d3e4aa809e72519a9ea08002c1ca0e7ec63550b91311f0171ee08d61ad53010505be13760bf63862c03d91b8ba0aadb", 0xab, 0x80000000}, {&(0x7f00000003c0)="25bea0a846ed424b2ce661ae9ec2445f9945779c", 0x14, 0x4}], 0x0, &(0x7f0000002680)={[{@case_sensitive_no='case_sensitive=no'}, {@errors_continue='errors=continue'}, {@mft_zone_multiplier={'mft_zone_multiplier', 0x3d, 0x3e3}}], [{@fowner_eq={'fowner', 0x3d, r3}}, {@obj_user={'obj_user', 0x3d, '\\eth0'}}, {@euid_lt={'euid<', r5}}]})
ftruncate(r1, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x8080fffffffe)

03:59:09 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:59:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1489.041723] Bluetooth: Unknown HCI packet type 5e
[ 1489.047318] Bluetooth: Unknown HCI packet type 5e
[ 1489.052273] Bluetooth: Unknown HCI packet type 43
[ 1489.060650] Bluetooth: Unknown HCI packet type 43
[ 1489.071499] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1489.083207] Bluetooth: Unknown HCI packet type 5e
[ 1489.098805] Bluetooth: Unknown HCI packet type 5e
[ 1489.106949] Bluetooth: Unknown HCI packet type 50
[ 1489.112234] Bluetooth: Unknown HCI packet type 50
03:59:09 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1489.154358] Bluetooth: Unknown HCI packet type 5e
[ 1489.159264] Bluetooth: Unknown HCI packet type 40
[ 1489.165616] Bluetooth: Unknown HCI packet type 5e
[ 1489.193859] Bluetooth: Unknown HCI packet type 40
03:59:10 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f0000000240)=0x1, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

03:59:10 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:10 executing program 2:
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getpeername$netrom(r1, &(0x7f0000000240)={{0x3, @null}, [@null, @null, @remote, @remote, @rose, @bcast, @netrom, @null]}, &(0x7f00000000c0)=0x48)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2104080, &(0x7f0000000000)=ANY=[@ANYRES64])
r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r2)
r3 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r3, 0x208200)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240)={0x0, <r5=>0x0}, &(0x7f0000000280)=0x5)
setuid(r5)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setuid(r7)
syz_mount_image$gfs2(&(0x7f0000000140)='gfs2\x00', &(0x7f00000002c0)='./file0\x00', 0x1, 0x5, &(0x7f0000000780)=[{&(0x7f0000000300)="3be12d314664d97a4a07107f435dd91fcb8238ed3071c2453d195068fee63d90807ea7cbb488c2d8a0291bac808aa3b31224cd7d91cd6b06faf8f4fc56f7c3540709e02ac9dfec3e0cf1adf8e6a5708d6141a37e15ab466516a3bdc85d0b4d800ebf09695cfeaea027e5fdc0395d3593a636a140261c8c923918bbb2458f257528ee24a2", 0x84, 0xfffffffffffffffc}, {&(0x7f0000000440)="e2b38805a840beb91b31b22936a0352d477dd7e9994e8514bbf7d3f59a32d0b279cc8440074fc0d7ac0c29aa30b79d39c95e65d54ca3ff9c49e004b0140b4b4f7adfaa7eba0aacc77bf9129be51fc102ee91eaef31d85a61bf8852bdec547c26043e3350595648c71f946deb4e55b98d746b58a54b34e4b96cba4594a390a844c673cdb40044443fb8b34a37dd98addb973d0871cf2f0568c64a71674cd5fadce506afc91069fb738393a68cbb9b336ab058dd38a52dea2bcb62099f628719204377b3b456c37635e1f692b4904dc0b0feef1ff8c722c54d2cf3bfcbf33c97ab629642ff6639a2b8f63e693e4849bd8988547cd121c62cd22d", 0xf9, 0x4}, {&(0x7f0000000540)="f3925f70d663ef00390eeb5b2dcc9af242f3ea848462a544421279843006b95a6139c16696086de14db0135dccd8af56e2108b88573c796969aadcb70796278f1e812cf317b54f5f8f1c06eb33a3bcc28878b29f3087af40cea7c1f086aeb6f1263cb024d8b2e7ec2e0d0d06ca7f41263a544b32127827c8", 0x78, 0x6}, {&(0x7f00000005c0)="b32628f416ad29275af6c6ee9cc019139104b457206d3968ebaa40206eaf19e8b49bb14c423deb8fd3f886d0fc8d33438bca7db7f5b08518d2b57917fa1136683db16ce3d032993e51893dd50d352efc3eba29fbee9584f4bd9abb71ddbba0cc040ed70eeb7a000ff5beee39fde543a49592a027c37d0d055641b9160a6764f53d142c088ff5ee44bd9f99824386b246fb70b6e7667ab68db9df264df74ddac48098b2804bc628e0baef88778f28edcf1766aeb9cf259f71c9dffb513b43ca98e8b417a331bff97ca085f63c16d0c3486d1e44f654e23c58", 0xd8, 0x5}, {&(0x7f00000006c0)="9d9f75117d5adfee40cb7180d0f890bcdbfd6ffd2549725dc7a2e40103a8399b31bbf2bf955382d24fd4d5b459309f9822a1118bfd41baacc5703afb7602a70c688e70af33122b1a01e3e5bddb068d711bd74685a17d1a974c4e5c4b43bc51095a47c9fece114bf94d37662265664fcac3dca909112f041653aa0bced2789ddd72c3b288defc32d9c3ad70e4f34e75687c63421749de1a7f68d54030", 0x9c, 0x6}], 0x3000001, &(0x7f0000000800)=ANY=[@ANYBLOB='meta,audit,fsmagic=0x0000000000000006,context=unconfined_u,euid>', @ANYRESDEC=r5, @ANYBLOB=',appraise_type=imasig,euid=', @ANYRESDEC=r7, @ANYBLOB="2c726f6f74636f6e7465f9590cde62c346511e961d"])
sendfile(r4, r4, 0x0, 0x8080fffffffe)

[ 1490.290416] Bluetooth: Unknown HCI packet type 5e
[ 1490.296144] Bluetooth: Unknown HCI packet type 43
[ 1490.302441] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1490.311118] Bluetooth: Unknown HCI packet type 5e
[ 1490.319164] Bluetooth: Unknown HCI packet type 50
[ 1490.328701] hfs: gid requires an argument
[ 1490.333345] hfs: unable to parse mount options
[ 1490.339709] Bluetooth: Unknown HCI packet type 5e
[ 1490.345733] Bluetooth: Unknown HCI packet type 40
[ 1490.481954] gfs2: invalid mount option: audit
[ 1490.486995] gfs2: can't parse mount arguments
03:59:11 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000)

03:59:11 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x18)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
r3 = socket$inet6_dccp(0xa, 0x6, 0x0)
r4 = socket$inet(0x2, 0x4000000805, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
r6 = dup3(r4, r5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r6, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r5, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r7=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r6, 0x84, 0x6c, &(0x7f000059aff8)={r7}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r7, 0x63}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000004880)={r7, 0x52, "962c06be33f464a6ebfc07a9b87dd9e58172ae847b4a0d480c5294eaf9103a1a99a450655aec659878aae7753bcbb42c5536dcc1ff7d2d7ef970f4780f9425d918e5defcb711ce9dfcf58ee3d1c709a8abb7"}, &(0x7f00000045c0)=0x5a)
recvmmsg(r3, &(0x7f00000046c0)=[{{&(0x7f0000000140)=@alg, 0x80, &(0x7f0000001500)=[{&(0x7f0000000200)=""/201, 0xc9}, {&(0x7f0000000000)=""/43, 0x2b}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/130, 0x82}, {&(0x7f0000000380)=""/72, 0x48}], 0x5, &(0x7f0000001580)=""/187, 0xbb}, 0x9}, {{&(0x7f0000001640)=@caif=@dbg, 0x80, &(0x7f0000002a80)=[{&(0x7f00000016c0)=""/167, 0xa7}, {&(0x7f0000001780)=""/128, 0x80}, {&(0x7f0000001800)=""/217, 0xd9}, {&(0x7f0000001900)=""/4096, 0x1000}, {&(0x7f0000002900)=""/192, 0xc0}, {&(0x7f00000029c0)=""/179, 0xb3}], 0x6}, 0x6}, {{&(0x7f0000002b00)=@xdp, 0x80, &(0x7f00000000c0)=[{&(0x7f0000002b80)=""/196, 0xc4}], 0x1, &(0x7f0000002c80)=""/129, 0x81}, 0xc5}, {{&(0x7f0000002d40)=@ethernet, 0x80, &(0x7f0000002fc0)=[{&(0x7f0000000300)=""/12, 0xc}, {&(0x7f0000002dc0)=""/133, 0x85}, {&(0x7f0000002e80)=""/63, 0x3f}, {&(0x7f0000002ec0)=""/196, 0xc4}], 0x4, &(0x7f0000003000)=""/97, 0x61}}, {{&(0x7f0000003080)=@xdp, 0x80, &(0x7f0000003380)=[{&(0x7f0000003100)=""/171, 0xab}, {&(0x7f00000031c0)=""/170, 0xaa}, {&(0x7f0000003280)=""/166, 0xa6}, {&(0x7f0000003340)=""/60, 0x3c}], 0x4, &(0x7f00000033c0)=""/174, 0xae}, 0x7}, {{&(0x7f0000003480)=@caif=@rfm, 0x80, &(0x7f0000004500)=[{&(0x7f0000003500)=""/4096, 0x1000}], 0x1}, 0xee25}, {{&(0x7f0000004540)=@can, 0x80, &(0x7f00000045c0), 0x0, &(0x7f0000004600)=""/156, 0x9c}, 0x1}], 0x7, 0x10162, 0x0)

03:59:11 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000240)={0x2, 0x8, 0x4, 0x20, 0x0, {}, {0x2, 0x6, 0x3, 0x4, 0x6, 0x20, "1af7b522"}, 0x2, 0x3, @planes=&(0x7f0000000140)={0x8f, 0x6, @mem_offset=0x8, 0x7}, 0x6})
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000300)=0x14)

[ 1490.961171] Bluetooth: Unknown HCI packet type 5e
[ 1490.973151] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1491.008886] Bluetooth: Unknown HCI packet type 43
[ 1491.036278] Bluetooth: Unknown HCI packet type 5e
[ 1491.044365] Bluetooth: hci3 command 0x1003 tx timeout
[ 1491.050059] Bluetooth: hci3 sending frame failed (-49)
[ 1491.062699] Bluetooth: Unknown HCI packet type 50
[ 1491.073199] Bluetooth: Unknown HCI packet type 5e
[ 1491.081124] Bluetooth: Unknown HCI packet type 40
[ 1491.123773] Bluetooth: hci0 command 0x1003 tx timeout
[ 1491.129264] Bluetooth: hci0 sending frame failed (-49)
[ 1492.333608] Bluetooth: hci1 command 0x1003 tx timeout
[ 1492.333691] Bluetooth: hci1 sending frame failed (-49)
[ 1492.963610] Bluetooth: hci2 command 0x1003 tx timeout
[ 1492.963690] Bluetooth: hci2 sending frame failed (-49)
[ 1493.123560] Bluetooth: hci3 command 0x1001 tx timeout
[ 1493.128937] Bluetooth: hci3 sending frame failed (-49)
[ 1493.203535] Bluetooth: hci0 command 0x1001 tx timeout
[ 1493.208896] Bluetooth: hci0 sending frame failed (-49)
[ 1494.413498] Bluetooth: hci1 command 0x1001 tx timeout
[ 1494.418969] Bluetooth: hci1 sending frame failed (-49)
[ 1495.043443] Bluetooth: hci2 command 0x1001 tx timeout
[ 1495.048862] Bluetooth: hci2 sending frame failed (-49)
[ 1495.203435] Bluetooth: hci3 command 0x1009 tx timeout
[ 1495.293495] Bluetooth: hci0 command 0x1009 tx timeout
[ 1496.483411] Bluetooth: hci1 command 0x1009 tx timeout
[ 1497.123323] Bluetooth: hci2 command 0x1009 tx timeout
03:59:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000))

03:59:19 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000)

03:59:19 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="060000003d377ba21cf66b8bb12c3add0d37a676676105ce64bdf34c17f0e58fa48ac3464e03eacabbc91e137558b36ee53e66859c98ffbd4d8b2396c7301ef30b1c31d3191c210725b5bb8a0063e6658864f51e2c3db966de0b1c5e7a08b24e169d6d0d3078e86afe9a274d1769059877ac88b5b3bbf7db254918cd172e4b2cd12c46753dd68cdc64a4fb20fa92c31699cbce1b50a34951e117ee255023f7ec8b5e712822a6cae235a53832b3ee1a5ad051500dc6ef73db8fbb0eb9196708ea71706c9f9c4fe31f3548392fa78f6b75f100235d8e80f381756ef49e3a1fb05a2359e1d4d32971a921b58f5c729067ec388e4b756b37abf9b240e4eddade20665c65450413ba908c247cb17be295f85692e446a2ab466834491d90731cc5a60b3ff0753d60495e936ede20832c43a780e2281052b5b44705f6e947c7f78bac40d944d1ab6dab04297fb95f4dca9c1517d196e1dde0a2404e2204aca2a862a8d9c43d786ebca03b954e06fdb82d1c5e49befa7838d82723d027d5bd99f7a5f173a97aa1999d29aba01c2a731e22f6c5cd8d72ccbceec17ff056de6ad7a1928656eb42"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

03:59:19 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
write(r1, &(0x7f0000000340), 0x41395527)
ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f00000000c0)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:59:19 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x8000)

[ 1499.284842] tmpfs: No value for mount option ''
[ 1499.342936] Bluetooth: Unknown HCI packet type 5e
[ 1499.343854] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1499.353964] Bluetooth: Unknown HCI packet type 43
[ 1499.356644] Bluetooth: Unknown HCI packet type 5e
[ 1499.359287] Bluetooth: Unknown HCI packet type 00
[ 1499.372910] Bluetooth: Unknown HCI packet type 43
[ 1499.374403] Bluetooth: Unknown HCI packet type 5e
[ 1499.384347] Bluetooth: Unknown HCI packet type 5e
[ 1499.389516] Bluetooth: Unknown HCI packet type 50
[ 1499.410427] Bluetooth: Unknown HCI packet type 5e
[ 1499.426581] Bluetooth: Unknown HCI packet type 50
03:59:20 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1499.438882] Bluetooth: Unknown HCI packet type 40
[ 1499.444944] Bluetooth: Unknown HCI packet type 5e
[ 1499.455432] Bluetooth: Unknown HCI packet type 40
[ 1499.474131] tmpfs: No value for mount option ''
03:59:21 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=r3, @ANYBLOB="b5005c2dd66d8a81c25fd47bf46258a77c067170dc4c1ecc73"])
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20040085}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendto$inet(r4, &(0x7f0000000240)="a0d49574d79da3306f21c9afa434da3241606e175f3167f4687a2face4fe9318d0952655bbc8298cd0e7b7ef1c5b9379dc2c5fd0de9ffa521927e79e01c237aa23558d6402b162f7742810713fc2347e52923eb02f848bfcca4a1f25979041275c1fa5c7472eab4b1a1354e965fe7b85268ae9ca7c10f1734fdd4ef4ffd8f654908c99a0ebb18c14da548c39e3eb3effa2b197a18bf8657a85adc7ec3d802df5105930b675c074efffbad9deecd962a8f94d7c711ec83d5779bc615b997b7bbdd9c8718dbc17bb8f6fa36f72ef399bcc3f1320583c18", 0xd6, 0x40, &(0x7f0000000340)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)

03:59:21 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000000)={'vlan0\x00', 0x5})

03:59:21 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:21 executing program 1:
r0 = creat(0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1500.552760] Bluetooth: Unknown HCI packet type 5e
[ 1500.552779] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1500.558363] Bluetooth: Unknown HCI packet type 43
03:59:21 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="7369653d37dc44a249d18f7e615d54d1dc803ae270c8fb1e4971e1a4de621d4b7e9e4450efa4a99aae733cc56d5ebefc811b3d0b116899dae1f750bec85d9ccdd5c8a7e4cb8fe37fa94f644dfca2ea2d98b710d52ecf0b409ddc307d5a3199b739b30000e3abda8886bef818325e188c0df40a052b8589cd8bf28c546cc5029d1e27dd8e2ec03615f18b60dc86ef03d716f90c8bbe42eff28081b630bfab17c28d71066ce7f2f4c927e5a9f638a706d415e4f790eada791087cf9658c4dfeacfcdc2c42e1cc7fc72efbcc6f9e39cc4eef1c300000000"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x200181, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r2, r2, 0x0, 0x8080fffffffe)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
ioctl$RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000000000))

[ 1500.606036] hfs: unable to parse mount options
[ 1500.614364] Bluetooth: Unknown HCI packet type 5e
[ 1500.619308] Bluetooth: Unknown HCI packet type 50
[ 1500.627778] Bluetooth: Unknown HCI packet type 5e
[ 1500.638280] Bluetooth: Unknown HCI packet type 40
[ 1500.735687] tmpfs: Bad mount option sie
03:59:21 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="440000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b0001006d616373656300000c000280050008000000000008000500", @ANYRES32=r3, @ANYBLOB="6c818337ca294e35ef753d5c92d12def85b3ebe48d5081e3d442e14adcbf7638ac9e14ee06831fd7843149b070146864fbbb18d753ca732ffbd3dc70bec6a8c80775e5491eb20852ccdc36f6a3256c61328f"], 0x44}}, 0x0)
r4 = dup2(r0, 0xffffffffffffffff)
ioctl$SIOCX25GCALLUSERDATA(r4, 0x89e4, &(0x7f0000000240)={0x32, "c3b2b8a3907a8757a90a881601bd1f910c889544077935a744081e75b19583ec4cec2453c266c95f813cae0ecf618a37a7714a59c8334bd4bd101997186719d73faf971291eeea7057fe71df232e8477b254080c32e340dc0eba8230bb7b76ddb001bec4e3520e6b520808646b360c40c136c5389e9cafa787196e159b4b9769"})
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r5, 0x400455c8, 0x4)
ioctl$TIOCSETD(r5, 0x5412, &(0x7f0000000000)=0x4033)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

[ 1501.161072] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1501.199119] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1501.206302] Bluetooth: Unknown HCI packet type 5e
[ 1501.211231] Bluetooth: Unknown HCI packet type 43
[ 1501.221153] Bluetooth: Unknown HCI packet type 5e
[ 1501.233256] Bluetooth: Unknown HCI packet type 50
[ 1501.238146] Bluetooth: Unknown HCI packet type 5e
[ 1501.243106] Bluetooth: Unknown HCI packet type 40
[ 1501.373005] Bluetooth: hci0 command 0x1003 tx timeout
[ 1501.378350] Bluetooth: hci3 command 0x1003 tx timeout
[ 1501.378393] Bluetooth: hci0 sending frame failed (-49)
[ 1501.385314] Bluetooth: hci3 sending frame failed (-49)
[ 1502.562853] Bluetooth: hci1 command 0x1003 tx timeout
[ 1502.568186] Bluetooth: hci1 sending frame failed (-49)
[ 1503.202865] Bluetooth: hci2 command 0x1003 tx timeout
[ 1503.208209] Bluetooth: hci2 sending frame failed (-49)
[ 1503.442805] Bluetooth: hci0 command 0x1001 tx timeout
[ 1503.442888] Bluetooth: hci3 command 0x1001 tx timeout
[ 1503.448226] Bluetooth: hci0 sending frame failed (-49)
[ 1503.461134] Bluetooth: hci3 sending frame failed (-49)
[ 1504.642800] Bluetooth: hci1 command 0x1001 tx timeout
[ 1504.648136] Bluetooth: hci1 sending frame failed (-49)
[ 1505.282733] Bluetooth: hci2 command 0x1001 tx timeout
[ 1505.288067] Bluetooth: hci2 sending frame failed (-49)
[ 1505.522741] Bluetooth: hci3 command 0x1009 tx timeout
[ 1505.527994] Bluetooth: hci0 command 0x1009 tx timeout
[ 1506.722620] Bluetooth: hci1 command 0x1009 tx timeout
[ 1507.362650] Bluetooth: hci2 command 0x1009 tx timeout
03:59:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000))

03:59:30 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:30 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r3, 0xae04)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r4, r4, 0x0, 0x8080fffffffe)

03:59:30 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:59:30 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1509.523842] Bluetooth: Unknown HCI packet type 5e
[ 1509.528771] Bluetooth: Unknown HCI packet type 43
[ 1509.534120] Bluetooth: Unknown HCI packet type 00
[ 1509.542777] Bluetooth: Unknown HCI packet type 5e
[ 1509.547666] Bluetooth: Unknown HCI packet type 50
[ 1509.565389] sp0: Synchronizing with TNC
[ 1509.596129] Bluetooth: Unknown HCI packet type 5e
[ 1509.601115] Bluetooth: Unknown HCI packet type 40
03:59:30 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x1a2840, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
fchdir(0xffffffffffffffff)
r5 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r5, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x8080fffffffe)

[ 1509.780082] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1509.947355] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
03:59:31 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
ioctl$KDSKBLED(0xffffffffffffffff, 0x4b65, 0x6)
getsockopt$inet6_int(r1, 0x29, 0x46, &(0x7f0000000240), &(0x7f0000000280)=0x4)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r3}}]})

03:59:31 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:31 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
ioctl$GIO_FONT(r1, 0x4b60, &(0x7f00000000c0)=""/195)

03:59:31 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0020000008000bfbf70c76b9abbee524dd4e8b09d5de413ce06082ef953339bef03416bc336ca6c75b8bc99eecb8f8f0a508b61e25dafce0c6dfdda8375457dc4a535eed668bb30445c91a2132b2adc80bee7ea95ad61ecdfb51e0cae5a12685b00eeb22b99581105e73e736e4e0068cbfc807f7c8"])
symlink(&(0x7f0000000140)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//../file0\x00', &(0x7f00000002c0)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
unlink(&(0x7f0000000040)='./file0\x00')
r2 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r2)
r3 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r3, 0x208200)
r4 = open(&(0x7f00000000c0)='./bus\x00', 0x17e, 0x0)
r5 = openat$cgroup_type(r3, &(0x7f0000000000)='cgroup.type\x00', 0x2, 0x0)
sendfile(r4, r5, 0x0, 0x8080fffffffe)

03:59:31 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1510.771456] Bluetooth: Unknown HCI packet type 5e
[ 1510.772771] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1510.781252] Bluetooth: Unknown HCI packet type 43
[ 1510.792034] Bluetooth: Unknown HCI packet type 5e
[ 1510.808680] hfs: gid requires an argument
[ 1510.813248] hfs: unable to parse mount options
[ 1510.824253] Bluetooth: Unknown HCI packet type 5e
[ 1510.829239] Bluetooth: Unknown HCI packet type 43
[ 1510.830251] Bluetooth: Unknown HCI packet type 50
[ 1510.838277] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1510.849186] Bluetooth: Unknown HCI packet type 5e
[ 1510.867945] Bluetooth: Unknown HCI packet type 5e
[ 1510.869591] Bluetooth: Unknown HCI packet type 40
[ 1510.874694] Bluetooth: Unknown HCI packet type 50
[ 1510.916962] Bluetooth: Unknown HCI packet type 5e
[ 1510.938949] Bluetooth: Unknown HCI packet type 40
03:59:31 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1511.612295] Bluetooth: hci0 command 0x1003 tx timeout
[ 1511.617666] Bluetooth: hci0 sending frame failed (-49)
[ 1512.812199] Bluetooth: hci1 command 0x1003 tx timeout
[ 1512.817561] Bluetooth: hci1 sending frame failed (-49)
[ 1512.882238] Bluetooth: hci3 command 0x1003 tx timeout
[ 1512.887606] Bluetooth: hci3 sending frame failed (-49)
[ 1513.682170] Bluetooth: hci0 command 0x1001 tx timeout
[ 1513.687511] Bluetooth: hci0 sending frame failed (-49)
[ 1514.882163] Bluetooth: hci1 command 0x1001 tx timeout
[ 1514.887553] Bluetooth: hci1 sending frame failed (-49)
[ 1514.962285] Bluetooth: hci3 command 0x1001 tx timeout
[ 1514.967621] Bluetooth: hci3 sending frame failed (-49)
[ 1515.761986] Bluetooth: hci0 command 0x1009 tx timeout
[ 1516.961978] Bluetooth: hci1 command 0x1009 tx timeout
[ 1517.041865] Bluetooth: hci3 command 0x1009 tx timeout
03:59:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000))

03:59:40 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
ioctl$SIOCAX25ADDFWD(r0, 0x89ea, &(0x7f0000000000)={@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}})
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchdir(r1)
r2 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000140)={0x6, 0xff, 0xd2a3, 0xffffedc3, 0x0, 0x5})
ftruncate(r2, 0x208200)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r3, r3, 0x0, 0x8080fffffffe)

03:59:40 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$inet(0x2, 0x4000000805, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
r5 = dup3(r3, r4, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @empty}], 0x10)
sendto$inet(r5, &(0x7f0000fa3fff)='\t', 0x1, 0x0, &(0x7f00006f7000)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r4, &(0x7f00003cef9f)='7', 0x1, 0x0, &(0x7f0000618000)={0x2, 0x4e20, @loopback}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000025e000)={0x2, [0x0, <r6=>0x0]}, &(0x7f0000a8a000)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x6c, &(0x7f000059aff8)={r6}, &(0x7f000034f000)=0x2059b000)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000040)={r6, 0x63}, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000140)={0xbc9f, 0x7, 0x209, 0x6, 0xfffff131, 0x1, 0x81, 0x1, r6}, &(0x7f0000000200)=0x20)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)

03:59:40 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1519.740185] Bluetooth: Unknown HCI packet type 5e
[ 1519.766781] Bluetooth: Unknown HCI packet type 5e
[ 1519.766795] Bluetooth: Unknown HCI packet type 00
[ 1519.771826] Bluetooth: Unknown HCI packet type 43
[ 1519.771831] Bluetooth: Unknown HCI packet type 5e
[ 1519.771836] Bluetooth: Unknown HCI packet type 50
[ 1519.771840] Bluetooth: Unknown HCI packet type 5e
[ 1519.771845] Bluetooth: Unknown HCI packet type 40
[ 1519.771911] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1519.808519] Bluetooth: Unknown HCI packet type 43
03:59:40 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1519.825552] Bluetooth: Unknown HCI packet type 5e
03:59:40 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r2, 0x1000)
lseek(r2, 0x0, 0x2)
r3 = open(&(0x7f00000000c0)='./bus\x00', 0x2000, 0x0)
sendfile(r2, r3, 0x0, 0x8400fffffffa)
ioctl$KVM_GET_REG_LIST(r2, 0xc008aeb0, &(0x7f0000000000)={0x2, [0x9, 0x7]})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
mount(&(0x7f0000000140)=@sr0='/dev/sr0\x00', &(0x7f0000000180)='./bus\x00', &(0x7f0000000200)='erofs\x00', 0x810, &(0x7f0000000240)='md5summd5sum&\'keyring\x00')
sendfile(r4, r4, 0x0, 0x8080fffffffe)

[ 1519.849841] Bluetooth: Unknown HCI packet type 50
[ 1519.867862] Bluetooth: Unknown HCI packet type 5e
[ 1519.882878] Bluetooth: Unknown HCI packet type 40
03:59:41 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:41 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="73935b2c6535a9b219827c52074a40afd8c1cab2016dd5614a1b602f01a700026399e05734452e000014fdcfd8ffe81e01059ffa5acfe3f7eea538dda031b7c8a464e19a4bd0a836055a5b190539ca5dbad9d84a77d7"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x331100, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(r2, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x58, 0xe, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x5)
ftruncate(r1, 0x208200)
write$sndseq(r1, &(0x7f0000000000)=[{0x2, 0xff, 0x4, 0x4, @tick=0x1f, {0x1, 0x9}, {0x4, 0x4}, @time=@tick=0x6}], 0x1c)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x4)
sendfile(r3, r3, 0x0, 0x8080fffffffe)

[ 1520.999848] tmpfs: No value for mount option 's“['
03:59:41 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = getpid()
sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x4, 0x0, 0x10000}, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, <r3=>0x0}, &(0x7f0000000280)=0x5)
setuid(r3)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000300)={0x8, 0x24d, {<r4=>r1}, {r3}, 0x5748, 0x8})
r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x80, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x8, 0x4e, 0x4, 0x4, 0x0, 0x7, 0x8000, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0xca, 0x0, @perf_config_ext, 0x81, 0x7ff, 0x3, 0x8, 0x5, 0x6, 0x1}, r4, 0x6, r5, 0x9)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000240)={0xffff, 0xfffffff7, 0xff, 0x20, 0x3, "0d38c53fe53b9585305bee09c813509a272a41"})
r6 = socket(0x10, 0x803, 0xfffffffe)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6769643da54f29293c7e135654b6c377840024631d68881995d359d4ae", @ANYRESHEX=r8, @ANYBLOB=',\x00'])

03:59:41 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:41 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
r1 = add_key(&(0x7f0000000080)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0xb, r1, 0x0, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ubi_ctrl\x00', 0xa000, 0x0)
ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f0000000140))
r3 = add_key(&(0x7f0000000080)='rxrpc\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$read(0xb, r3, 0x0, 0x0)
keyctl$reject(0x13, r1, 0x100000001, 0xfffffffffffffff9, r3)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

[ 1521.092683] Bluetooth: Unknown HCI packet type 5e
[ 1521.099028] Bluetooth: Unknown HCI packet type 43
[ 1521.118224] Bluetooth: Unknown HCI packet type 5e
[ 1521.121401] Bluetooth: Unknown HCI packet type 5e
[ 1521.130350] Bluetooth: Unknown HCI packet type 43
[ 1521.135709] Bluetooth: Unknown HCI packet type 50
03:59:41 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1521.136613] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1521.156621] Bluetooth: Unknown HCI packet type 5e
[ 1521.156639] Bluetooth: Unknown HCI packet type 5e
[ 1521.173589] tmpfs: No value for mount option 's“['
[ 1521.195712] Bluetooth: Unknown HCI packet type 40
[ 1521.203868] Bluetooth: Unknown HCI packet type 50
[ 1521.216141] Bluetooth: Unknown HCI packet type 5e
[ 1521.225171] Bluetooth: Unknown HCI packet type 40
[ 1521.761525] Bluetooth: hci0 command 0x1003 tx timeout
[ 1521.767047] Bluetooth: hci0 sending frame failed (-49)
[ 1521.851525] Bluetooth: hci2 command 0x1003 tx timeout
[ 1521.856912] Bluetooth: hci2 sending frame failed (-49)
[ 1523.121402] Bluetooth: hci1 command 0x1003 tx timeout
[ 1523.121421] Bluetooth: hci3 command 0x1003 tx timeout
[ 1523.126765] Bluetooth: hci1 sending frame failed (-49)
[ 1523.137292] Bluetooth: hci3 sending frame failed (-49)
[ 1523.841379] Bluetooth: hci0 command 0x1001 tx timeout
[ 1523.846786] Bluetooth: hci0 sending frame failed (-49)
[ 1523.921405] Bluetooth: hci2 command 0x1001 tx timeout
[ 1523.926747] Bluetooth: hci2 sending frame failed (-49)
[ 1525.201372] Bluetooth: hci3 command 0x1001 tx timeout
[ 1525.206716] Bluetooth: hci1 command 0x1001 tx timeout
[ 1525.206765] Bluetooth: hci3 sending frame failed (-49)
[ 1525.214014] Bluetooth: hci1 sending frame failed (-49)
[ 1525.921353] Bluetooth: hci0 command 0x1009 tx timeout
[ 1526.001308] Bluetooth: hci2 command 0x1009 tx timeout
[ 1527.281214] Bluetooth: hci3 command 0x1009 tx timeout
[ 1527.281219] Bluetooth: hci1 command 0x1009 tx timeout
03:59:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:50 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRESHEX=r0, @ANYRES32=r4, @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYRESHEX]])
r7 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r8, 0x208200)
r9 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
r10 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x600000, 0x0)
sendfile(r10, r9, 0x0, 0x8080fffffffe)

03:59:50 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x29, 0x80000, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

03:59:50 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x581, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x17020}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb, 0x1, 'macsec\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PROTECT={0x5}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@newchain={0x34, 0x64, 0x400, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r7, {0xe, 0xffe0}, {0xfff2, 0xd}, {0xb, 0x4}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x9, 0x1}}]}, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x20000000)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:59:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1529.956850] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1530.025844] Bluetooth: Unknown HCI packet type 5e
[ 1530.025860] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1530.031165] Bluetooth: Unknown HCI packet type 43
[ 1530.045751] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1530.062726] Bluetooth: Unknown HCI packet type 5e
[ 1530.073705] tmpfs: No value for mount option 'ÿÿÿÿ0x0000000000000003'
[ 1530.084666] Bluetooth: Unknown HCI packet type 5e
[ 1530.094157] Bluetooth: Unknown HCI packet type 43
[ 1530.096153] Bluetooth: Unknown HCI packet type 50
[ 1530.107692] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
03:59:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1530.126810] Bluetooth: Unknown HCI packet type 5e
[ 1530.148576] Bluetooth: Unknown HCI packet type 50
[ 1530.156155] Bluetooth: Unknown HCI packet type 5e
[ 1530.172536] Bluetooth: Unknown HCI packet type 5e
[ 1530.172539] Bluetooth: Unknown HCI packet type 40
[ 1530.189775] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
03:59:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1530.189889] Bluetooth: Unknown HCI packet type 40
[ 1530.253262] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1530.254995] tmpfs: No value for mount option 'ÿÿÿÿ0x0000000000000003'
[ 1530.272339] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
03:59:50 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB="c6292fdfe740aba82d39d236ab243325a1780500000000000000007274ce37fba681b500d2c8140200000000000000b37e04000000758e8759c477cfc22ca7c07ced93b665d9e45871ee687d63f44d4da68ae52f521c2b62b2dd53675397dc239eaec6a924403df62d16eec3677800"/121], 0xfc7c)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1530.297386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=100 sclass=netlink_route_socket pig=21181 comm=syz-executor.0
[ 1530.344296] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
03:59:51 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000240)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0))

03:59:51 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

03:59:51 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xe)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x40, 0x0)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)

03:59:51 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="73697a653d3721941726744425922800480961a94c882844dfc831a1819ffda6065f0b04f85163c430e76c09bd8bb6b29a97067a0ec5c7405a3bc9fa3e2b4ecd7b754d88d825fdb0cb5167126fea93bcfecb5a27246082673fa5d7c88a6cbc9d22b661f8ebdba9b592fe5b766cb6cb18919edb90626146e46968b859dad506f5ede82ebb715505c57d870bb50a614f6d7cfccd55b17be7ba1e59682a3096f03da2e4d9601d5c5fc2baedf0ba5f006990fa76f8794a6da5863513bdd58dd6f3afb3423afef3d26d38d3d3890a26c952e76f56213a8398ec4664a06c7f97f1fc27ab94d0ca2b550000000000000000002978493af31b20bfbe77296f2714b400a542170ed025fca0f0038dce3d2e6081f097652b783611d37919e2eb02bc5760e55c18348e17b6310a9758b85a7ae8a191362ebf9d36aeb0865c79616c55532c87eb6be00856d7591599d1acd400f538f72c62c947a7b1390941d0e0489b0c0689ddc3fe78912de65d0463659b5aef6b269f0898982a3319c38a03587219f2080a6841f597a9e80b1183bd9f1154a36281157a4fd62ce24d0ab273289a83dc317a61b953a7f481f5387b48221e19"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(0xffffffffffffffff, 0x8b)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
lseek(r1, 0x0, 0x2)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
fcntl$notify(r2, 0x402, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r3, 0x0, 0x8400fffffffa)
ioctl$FBIOPAN_DISPLAY(r1, 0x4606, &(0x7f0000000200)={0xf00, 0x300, 0x80, 0x800, 0x7, 0x0, 0x1, 0x2, {0xffffffff, 0xfffffffa, 0x1}, {0x8, 0x81, 0x1}, {0x3ff, 0x3, 0x1}, {0xffffffff}, 0x3, 0x100, 0x7fff, 0x2, 0x1, 0x80, 0x9, 0x36, 0x8f, 0x7fffffff, 0x40, 0xfff, 0x27, 0x0, 0x1, 0x4})
r4 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r4, r4, 0x0, 0x8080fffffffe)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$rose(0xffffffffffffffff, 0x104, 0x7, &(0x7f0000000140)=0x1, 0x4)

03:59:51 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1531.274321] Bluetooth: Unknown HCI packet type 5e
[ 1531.290626] tmpfs: Bad value '7!”&tD%’(' for mount option 'size'
[ 1531.291100] Bluetooth: Unknown HCI packet type 43
[ 1531.304359] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1531.324101] Bluetooth: Unknown HCI packet type 5e
[ 1531.329241] audit: type=1804 audit(1586318391.893:211): pid=21225 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/183/file0/bus" dev="sda1" ino=15899 res=1
[ 1531.360638] Bluetooth: Unknown HCI packet type 5e
[ 1531.372171] Bluetooth: Unknown HCI packet type 43
[ 1531.377296] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1531.382380] hfs: can't find a HFS filesystem on dev loop4
[ 1531.399761] Bluetooth: Unknown HCI packet type 5e
[ 1531.406555] Bluetooth: Unknown HCI packet type 50
[ 1531.415494] Bluetooth: Unknown HCI packet type 50
[ 1531.422330] Bluetooth: Unknown HCI packet type 5e
[ 1531.427817] Bluetooth: Unknown HCI packet type 5e
[ 1531.436922] Bluetooth: Unknown HCI packet type 40
[ 1531.445481] Bluetooth: Unknown HCI packet type 40
03:59:52 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1531.460211] audit: type=1804 audit(1586318391.953:212): pid=21240 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/183/file0/bus" dev="sda1" ino=15899 res=1
[ 1532.080802] Bluetooth: hci2 command 0x1003 tx timeout
[ 1532.081306] Bluetooth: hci0 command 0x1003 tx timeout
[ 1532.086349] Bluetooth: hci2 sending frame failed (-49)
[ 1532.097498] Bluetooth: hci0 sending frame failed (-49)
[ 1532.219718] tmpfs: Bad value '7!”&tD%’(' for mount option 'size'
[ 1532.296668] audit: type=1804 audit(1586318392.863:213): pid=21240 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/183/file0/file0/bus" dev="sda1" ino=15919 res=1
[ 1532.368504] audit: type=1804 audit(1586318392.893:214): pid=21254 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.2" name="/root/syzkaller-testdir078478298/syzkaller.UTB6oi/183/file0/file0/bus" dev="sda1" ino=15919 res=1
[ 1533.280756] Bluetooth: hci1 command 0x1003 tx timeout
[ 1533.286194] Bluetooth: hci1 sending frame failed (-49)
[ 1533.360806] Bluetooth: hci3 command 0x1003 tx timeout
[ 1533.366171] Bluetooth: hci3 sending frame failed (-49)
[ 1534.160714] Bluetooth: hci0 command 0x1001 tx timeout
[ 1534.166082] Bluetooth: hci0 sending frame failed (-49)
[ 1534.172315] Bluetooth: hci2 command 0x1001 tx timeout
[ 1534.177645] Bluetooth: hci2 sending frame failed (-49)
[ 1535.360755] Bluetooth: hci1 command 0x1001 tx timeout
[ 1535.366089] Bluetooth: hci1 sending frame failed (-49)
[ 1535.440628] Bluetooth: hci3 command 0x1001 tx timeout
[ 1535.445980] Bluetooth: hci3 sending frame failed (-49)
[ 1536.240602] Bluetooth: hci0 command 0x1009 tx timeout
[ 1536.240631] Bluetooth: hci2 command 0x1009 tx timeout
[ 1537.440516] Bluetooth: hci1 command 0x1009 tx timeout
[ 1537.520536] Bluetooth: hci3 command 0x1009 tx timeout
04:00:00 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x0, 0x0, 0x8000)

04:00:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4032)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r2 = socket(0x14, 0x80000, 0xa3df)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
syz_mount_image$hfs(&(0x7f0000000240)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x3, 0x0, 0x0, 0x3000469, &(0x7f0000000340)={[{@gid={'gid', 0x3d, r3}}], [{@uid_eq={'uid', 0x3d, r4}}, {@appraise='appraise'}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]})

04:00:00 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x1, 0x0, 0x0, 0x848, &(0x7f0000000340)=ANY=[@ANYBLOB="000000144600"])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x140, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000500)={0x2, 0x8000}, 0x4)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000400)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_PORTS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r4, 0x1}, 0x1c}}, 0x0)
sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x24, r4, 0x4, 0x70bd29, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x6}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x40000)
fchdir(r0)
r5 = creat(&(0x7f0000000480)='./file0\x00', 0x80)
ftruncate(r5, 0x208200)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r6, r6, 0x0, 0x8080fffffffe)
r7 = creat(&(0x7f0000000440)='./bus\x00', 0x40)
io_setup(0x2, &(0x7f00000004c0)=<r8=>0x0)
io_submit(r8, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r7, &(0x7f0000000000), 0x10000}])
io_submit(r8, 0x1, &(0x7f00000000c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x7, r6, &(0x7f0000000200)="b9af5aaaaa6f46b0b1ae36f2e92231beabfd48d4724f63388636b61f320a097d81dece0693fd816e4cad7a472fbda851b05c74632d25b4dd4c589a334d5f288686cd1551038ddf0a570efa657ce0b9be3b710cb8a3eddd5471b1e616df617d6207047fdab34abfca087c7cc857f7f9196c711428773e09149843beb2d8bc09cbcda011a68a3b24797945c10966f8c1e45ae20f014b91c5b17e6c60866f83435d0ad119f5ec76cb0b7978fc52e23be09e71d753699ca2a66eaef54e02dd515d28fe1044f92b027789916f443ac2dab201fb742deaa9731982814c07f4cb36b1c6b4", 0xe1, 0x3ff, 0x0, 0x2, r7}])

04:00:00 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f00000002c0)={0x87, 0x7ff})
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x16)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c000100766574680000000018000200fd0001000000000023c0306554362dddcb892ef8051404bde5bf296e3c566a03d724f7ead1ef33adfdbe08b8c5236b93b9797b4409f6e370d1515d2e1fa63259e6d4bd05772981", @ANYRES32=0x0, @ANYBLOB="00000079abd1932a9ec8a3a63673a36d66b103e1fdbb4678731c44d5772a8b52f88132613f2ab9faa48e75b0508e2367018dc4479c6757b0a5622107e780a52d43a222d4aa8fa0c3e961e2401d5dbb22107ce4584d22a35c2ff5c7069779f3a8e888a8ac94312cdb43f7907ebfcf3dc4ad1f5e7577c5c2c9146439e6910c437a8213e177dfca08fb12f6c6a8343821e53d1f0ef24575797141dd16b8065042500017c0bab7265ba185fa61404145c500be7e57f2af455765c675c710da30fb915abbfcb8fe5e5a54f998aeb8ecb869537d7ddb529a8d66a4905586c9dd0d81d4841e2c90bd8fa2bf3802bf963edaae01ebd125510bbe75beac077af773d5d2a34b256e8369f68b0fcab87c7ee033997f53b635b59ac5aa1456d0b35e1dd734149dbcf541d744962b2bd0ece4c267760c3a6d4bce9b03000000cfa703a1a48b59700f8c902e46ae26e6e31185a19c07959edcb6bfc88c9e6bc124147521f6eb327231e35785951377c40b713a4f6854b02c428bef068f9494aa8fc9f99ddff40ef4fdc9360eb1bc2a25ac491f2bc9c7a23fe5662170feb55b3999b45b8b80a8438df19e183d854691a1f2b34352fed522c4265e4ece52f35d351a1676982ce0f2eb2c454b9df04b976179611f1be4deac0dd4c79a122f3d33e52bcce38808809820094c31af5cca2d79bf783bb87588d8c21bad663bbde2644cab2b605d0ca91b5c2417ab7c7bba5173b0bfddfd1d87ce6d257c0526fc051adaf783cb44e5f09899886b26ca746f8d2b392e0871bca6f1cb40c5ac1bf5ca80b934424deddfb547d8f9a38a25aa39752cac866986bb0faaf07ffeecd27bd736fa1a058ee5b17adbde605eb5f3648b4ee013640d018b42ef6b"], 0x48}}, 0x0)
r6 = accept(r3, &(0x7f0000000240)=@rc={0x1f, @fixed}, &(0x7f00000000c0)=0x80)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r6, 0x84, 0x12, &(0x7f0000000140)=0x2, 0x4)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

04:00:00 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1540.236022] Bluetooth: Unknown HCI packet type 5e
[ 1540.247143] audit: type=1804 audit(1586318400.813:215): pid=21272 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir379259420/syzkaller.JhXCvk/242/bus" dev="sda1" ino=16097 res=1
[ 1540.248941] Bluetooth: Unknown HCI packet type 43
04:00:00 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16], 0x2a)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1540.315131] Bluetooth: Unknown HCI packet type 16
[ 1540.355385] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[ 1540.409689] Bluetooth: Unknown HCI packet type 5e
[ 1540.422972] Bluetooth: Unknown HCI packet type 50
[ 1540.442469] Bluetooth: Unknown HCI packet type 5e
[ 1540.452975] Bluetooth: Unknown HCI packet type 40
04:00:02 executing program 0 (fault-call:3 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x3)

04:00:02 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB], 0x2a)
fallocate(r0, 0x0, 0x0, 0x8000)

04:00:02 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000680)='./bus\x00', 0x0)
ftruncate(r1, 0x1000)
lseek(r1, 0x0, 0x2)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x8400fffffffa)
ioctl$TIOCNOTTY(r2, 0x5422)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x2004023)

04:00:02 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x2)
sendfile(r2, r2, 0x0, 0x8080fffffffe)

04:00:02 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x4)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f0000000000)=0x4033)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
setsockopt$packet_buf(r2, 0x107, 0x1e, &(0x7f0000000240)="ef1067fa027dca49992ba540d0bd57488814c114f27206e61a6581a1d28bc9250cc085801688f590a4e9c715c3e62be63fad773558a4be5f75480ffa9599249989d81bdb7e5b320024a82b6d63fc6220f668d01273234d91980067711e70a314df0307b78f0defece83f6d064010175976b52b5d727babb4d02f784480df6ddaf5f5f618c531f6eb56475aeb26febdfb16967074298d5de23daf5ad6bc1a2b97d15aa33cd1d56ea352fd1f18bf6ba33ab525d5add07a340abaedd075c0727244194e5d08d08cb9e1ffe4124a513604d47b0b2dd0177e83a64a165d830291798c5a2187f0982970fe3cc3f1c5caf7", 0xee)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getresuid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140))
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)={[{@gid={'gid', 0x3d, r4}}]})

[ 1541.540531] FAULT_INJECTION: forcing a failure.
[ 1541.540531] name failslab, interval 1, probability 0, space 0, times 0
[ 1541.552639] kasan: CONFIG_KASAN_INLINE enabled
[ 1541.557783] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1541.583351] audit: type=1804 audit(1586318402.154:216): pid=21324 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir507075441/syzkaller.34WInl/171/bus" dev="sda1" ino=16177 res=1
[ 1541.608190] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1541.616070] Bluetooth: Unknown HCI packet type 5e
[ 1541.625707] Bluetooth: Unknown HCI packet type 43
[ 1541.636011] Bluetooth: Unknown HCI packet type 5e
[ 1541.640724] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 1541.641966] Bluetooth: Unknown HCI packet type 43
[ 1541.647146] Modules linked in:
[ 1541.647158] CPU: 1 PID: 2334 Comm: kworker/u4:4 Not tainted 4.14.175-syzkaller #0
[ 1541.647162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1541.647244] Workqueue: events_unbound flush_to_ldisc
[ 1541.652374] Bluetooth: Unknown HCI packet type 23
[ 1541.655217] task: ffff8880a16b62c0 task.stack: ffff8880a16c8000
[ 1541.655232] RIP: 0010:skb_put+0x2b/0x1a0
[ 1541.655236] RSP: 0018:ffff8880a16cfb90 EFLAGS: 00010202
[ 1541.655246] RAX: dffffc0000000000 RBX: ffff888099e06ac0 RCX: ffff88809ae02040
[ 1541.688640] Bluetooth: Unknown HCI packet type 5e
[ 1541.692261] RDX: 0000000000000019 RSI: 0000000000000003 RDI: 0000000000000000
[ 1541.692266] RBP: 0000000000000000 R08: 0000000000004983 R09: ffffffff8a080498
[ 1541.692270] R10: ffff8880a16b6be0 R11: ffff8880a16b62c0 R12: 0000000000000003
[ 1541.692274] R13: ffff888099e06ad0 R14: 00000000000000c8 R15: ffff88809af6d6a0
[ 1541.692279] FS:  0000000000000000(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 1541.692283] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1541.692287] CR2: 00005626838cd287 CR3: 0000000052dfd000 CR4: 00000000001406e0
[ 1541.692294] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1541.692301] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1541.774656] Call Trace:
[ 1541.777302]  ll_recv+0x4fe/0x1040
[ 1541.780745]  hci_uart_tty_receive+0x1ec/0x4c0
[ 1541.785223]  ? hci_uart_write_work+0x670/0x670
[ 1541.789790]  tty_ldisc_receive_buf+0x12e/0x170
[ 1541.794360]  tty_port_default_receive_buf+0x6e/0xa0
[ 1541.799364]  flush_to_ldisc+0x1dd/0x3f0
[ 1541.803345]  process_one_work+0x813/0x1540
[ 1541.807566]  ? pwq_dec_nr_in_flight+0x2b0/0x2b0
[ 1541.812224]  ? worker_thread+0x15d/0x1070
[ 1541.816357]  worker_thread+0x5d1/0x1070
[ 1541.820315]  ? process_one_work+0x1540/0x1540
[ 1541.824849]  kthread+0x30d/0x420
[ 1541.828197]  ? kthread_create_on_node+0xd0/0xd0
[ 1541.832851]  ret_from_fork+0x24/0x30
04:00:02 executing program 1:
r0 = creat(&(0x7f0000000040)='./file1\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xd4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES16, @ANYBLOB], 0x2a)
fallocate(r0, 0x0, 0x0, 0x8000)

[ 1541.836548] Code: 41 56 41 55 41 54 41 89 f4 55 48 89 fd 4c 8d b5 c8 00 00 00 53 e8 66 e9 60 fc 4c 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <0f> b6 14 02 4c 89 f0 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 
[ 1541.855685] RIP: skb_put+0x2b/0x1a0 RSP: ffff8880a16cfb90
[ 1541.870645] CPU: 1 PID: 21318 Comm: syz-executor.0 Tainted: G      D         4.14.175-syzkaller #0
[ 1541.876372] Bluetooth: Unknown HCI packet type 50
[ 1541.879781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1541.879785] Call Trace:
[ 1541.879805]  dump_stack+0x13e/0x194
[ 1541.879820]  should_fail.cold+0x10a/0x14b
[ 1541.879846]  should_failslab+0xd6/0x130
[ 1541.896683] Bluetooth: Unknown HCI packet type 5e
[ 1541.896703]  kmem_cache_alloc_node+0x55/0x7a0
[ 1541.918859]  ? check_preemption_disabled+0x35/0x240
[ 1541.922186] Bluetooth: Unknown HCI packet type 50
[ 1541.923885]  ? perf_trace_lock_acquire+0x10d/0x4b0
[ 1541.923899]  __alloc_skb+0x9a/0x4c0
[ 1541.923911]  ? skb_trim+0x160/0x160
[ 1541.928880] Bluetooth: Unknown HCI packet type 5e
[ 1541.933686]  ? __ldsem_down_read_nested+0xc6/0x5d0
[ 1541.933700]  ll_recv+0x3d6/0x1040
[ 1541.933715]  hci_uart_tty_receive+0x1ec/0x4c0
[ 1541.933722]  ? hci_uart_write_work+0x670/0x670
[ 1541.933794]  tty_ioctl+0xd5b/0x1220
[ 1541.933804]  ? tty_vhangup+0x30/0x30
[ 1541.956011] Bluetooth: Unknown HCI packet type 5e
[ 1541.960842]  ? trace_hardirqs_on+0x10/0x10
[ 1541.960861]  ? tty_vhangup+0x30/0x30
[ 1541.960871]  do_vfs_ioctl+0x75a/0xfe0
[ 1541.960882]  ? selinux_file_mprotect+0x5c0/0x5c0
[ 1541.960892]  ? ioctl_preallocate+0x1a0/0x1a0
[ 1541.998505]  ? security_file_ioctl+0x76/0xb0
[ 1542.002913]  ? security_file_ioctl+0x83/0xb0
[ 1542.007321]  SyS_ioctl+0x7f/0xb0
[ 1542.010673]  ? do_vfs_ioctl+0xfe0/0xfe0
[ 1542.014637]  do_syscall_64+0x1d5/0x640
[ 1542.018522]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 1542.023711] RIP: 0033:0x45c889
[ 1542.026898] RSP: 002b:00007fe22f810c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
04:00:02 executing program 2:
syz_mount_image$tmpfs(&(0x7f00000001c0)='tmpfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='size=7'])
r0 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
write$binfmt_script(r2, &(0x7f0000000200)={'#! ', './file0', [{0x20, 'tmpfs\x00'}, {0x20, 'tmpfs\x00'}, {0x20, ',lo.-,md5sumuser'}, {0x20, 'tmpfs\x00'}, {}, {0x20, 'userGPL'}, {0x20, 'T\xc6'}], 0xa, "91a7fd6615354c5ae2f20ff2c146fd49c5da91f573da164872248426793ccbdb1669777828190ee1c79a98a288d0def78e0fb93dd56387928a5b86d29f14a78992e415f85a14c3c821e83d1d655f11634ed5c321ecaca009ab5794b9680a96325760eac32c38053c1a53c3372930839f52a1d418de359765daf784220382cd48428506e59aaf066916a2648ec426890ca3ec04334caed09ffc24d1766e2ae0e9007557fce5f8"}, 0xe3)
r3 = open(&(0x7f0000000040)='./bus\x00', 0x17e, 0x0)
sendfile(r3, r3, 0x0, 0x8080fffffffe)

[ 1542.034612] RAX: ffffffffffffffda RBX: 00007fe22f8116d4 RCX: 000000000045c889
[ 1542.041874] RDX: 0000000020000000 RSI: 0000000000005412 RDI: 0000000000000003
[ 1542.049133] RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
[ 1542.056411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1542.063672] R13: 0000000000000582 R14: 00000000004c81b7 R15: 0000000000000000
[ 1542.094078] hfs: gid requires an argument
[ 1542.098280] hfs: unable to parse mount options
[ 1542.121789] Bluetooth: Can't allocate mem for new packet
[ 1542.124128] Bluetooth: Unknown HCI packet type 40
[ 1542.133858] ---[ end trace 4e5b5fb95f60aa1a ]---
[ 1542.138695] Kernel panic - not syncing: Fatal exception
[ 1542.145753] Kernel Offset: disabled
[ 1542.149532] Rebooting in 86400 seconds..