+0x115/0x3f0
[ 3426.578932]  do_recvmmsg+0x27c/0x7a0
[ 3426.582638]  ? ___sys_recvmsg+0x5d0/0x5d0
[ 3426.586779]  ? _copy_from_user+0xdd/0x150
[ 3426.591336]  __sys_recvmmsg+0xe5/0x270
[ 3426.595202]  ? __ia32_sys_recvmsg+0xb0/0xb0
[ 3426.599510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3426.604246]  ? do_syscall_64+0x26/0x610
[ 3426.608194]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3426.613534]  ? do_syscall_64+0x26/0x610
[ 3426.617504]  __x64_sys_recvmmsg+0xe6/0x140
[ 3426.621729]  do_syscall_64+0x103/0x610
[ 3426.625605]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3426.630774] RIP: 0033:0x457e39
[ 3426.633945] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3426.652821] RSP: 002b:00007ff15415fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3426.660505] RAX: ffffffffffffffda RBX: 00007ff15415fc90 RCX: 0000000000457e39
18:26:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:55 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB])

[ 3426.667754] RDX: 0400000000000228 RSI: 00000000200037c0 RDI: 0000000000000003
[ 3426.675014] RBP: 000000000073bf00 R08: 0000000020003700 R09: 0000000000000000
[ 3426.682270] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff1541606d4
[ 3426.689523] R13: 00000000004c4b6d R14: 00000000004d85c8 R15: 0000000000000004
[ 3426.699043] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:55 executing program 2 (fault-call:2 fault-nth:27):
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6000000}, 0x0)

[ 3426.749798] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3426.756667] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3426.757364] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x60}, 0x0)

18:26:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3426.831279] FAULT_INJECTION: forcing a failure.
[ 3426.831279] name failslab, interval 1, probability 0, space 0, times 0
[ 3426.870525] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3426.922485] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3426.923211] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3426.949607] CPU: 0 PID: 5243 Comm: syz-executor2 Not tainted 5.0.0-rc5+ #61
[ 3426.956715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3426.966056] Call Trace:
[ 3426.968625]  dump_stack+0x172/0x1f0
[ 3426.972243]  should_fail.cold+0xa/0x1b
[ 3426.976121]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3426.981207]  ? netlink_dump+0xe7/0xfb0
[ 3426.985074]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3426.990599]  ? should_fail+0x14d/0x85c
[ 3426.994476]  __should_failslab+0x121/0x190
[ 3426.998777]  should_failslab+0x9/0x14
[ 3427.002558]  kmem_cache_alloc_node_trace+0x5a/0x720
[ 3427.007559]  ? __alloc_skb+0xd5/0x5e0
[ 3427.011346]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3427.016783]  __kmalloc_node_track_caller+0x3d/0x70
[ 3427.021818]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 3427.026470]  __alloc_skb+0x10b/0x5e0
[ 3427.030164]  ? skb_scrub_packet+0x440/0x440
[ 3427.034466]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3427.039982]  netlink_dump+0x312/0xfb0
[ 3427.043762]  ? refcount_inc_checked+0x70/0x70
[ 3427.048234]  ? netlink_broadcast+0x50/0x50
[ 3427.052452]  ? refcount_dec_and_test_checked+0x1b/0x20
[ 3427.057705]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3427.063223]  ? consume_skb+0xef/0x380
[ 3427.067002]  netlink_recvmsg+0xb9f/0xf10
[ 3427.071040]  ? netlink_dump+0xfb0/0xfb0
[ 3427.074999]  ? copy_msghdr_from_user+0x2d0/0x430
[ 3427.079736]  ? netlink_dump+0xfb0/0xfb0
[ 3427.083695]  sock_recvmsg_nosec+0x8c/0xb0
[ 3427.087828]  ? __sock_tx_timestamp+0xd0/0xd0
[ 3427.092211]  ___sys_recvmsg+0x273/0x5d0
[ 3427.096182]  ? ___sys_sendmsg+0x930/0x930
[ 3427.100312]  ? do_recvmmsg+0x329/0x7a0
[ 3427.104176]  ? find_held_lock+0x35/0x130
[ 3427.108219]  ? do_recvmmsg+0x329/0x7a0
[ 3427.112083]  ? find_held_lock+0x35/0x130
[ 3427.116122]  ? ktime_get_ts64+0x115/0x3f0
[ 3427.120253]  do_recvmmsg+0x27c/0x7a0
[ 3427.123949]  ? ___sys_recvmsg+0x5d0/0x5d0
[ 3427.128076]  ? _copy_from_user+0xdd/0x150
[ 3427.132229]  __sys_recvmmsg+0xe5/0x270
[ 3427.136211]  ? __ia32_sys_recvmsg+0xb0/0xb0
[ 3427.140512]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3427.145254]  ? do_syscall_64+0x26/0x610
[ 3427.149211]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3427.154550]  ? do_syscall_64+0x26/0x610
[ 3427.158503]  __x64_sys_recvmmsg+0xe6/0x140
[ 3427.162715]  do_syscall_64+0x103/0x610
[ 3427.166579]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3427.171741] RIP: 0033:0x457e39
[ 3427.174910] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3427.193786] RSP: 002b:00007ff15415fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3427.201465] RAX: ffffffffffffffda RBX: 00007ff15415fc90 RCX: 0000000000457e39
[ 3427.208708] RDX: 0400000000000228 RSI: 00000000200037c0 RDI: 0000000000000003
[ 3427.215961] RBP: 000000000073bf00 R08: 0000000020003700 R09: 0000000000000000
18:26:55 executing program 1:
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x80033d, 0x20000000209, 0x0, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0x9cf0000008, 0x9})

18:26:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3427.223212] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff1541606d4
[ 3427.230463] R13: 00000000004c4b6d R14: 00000000004d85c8 R15: 0000000000000004
[ 3427.250474] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:55 executing program 1:

18:26:55 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB])

18:26:55 executing program 2 (fault-call:2 fault-nth:28):
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3427.284702] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3427.295527] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf0}, 0x0)

[ 3427.301392] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x7000000}, 0x0)

[ 3427.383011] FAULT_INJECTION: forcing a failure.
[ 3427.383011] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3427.394833] CPU: 0 PID: 5279 Comm: syz-executor2 Not tainted 5.0.0-rc5+ #61
[ 3427.398408] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3427.401918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3427.401924] Call Trace:
[ 3427.401943]  dump_stack+0x172/0x1f0
[ 3427.401959]  should_fail.cold+0xa/0x1b
18:26:55 executing program 1:

18:26:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3427.421267]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3427.421280]  ? save_stack+0x45/0xd0
[ 3427.421293]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3427.436408]  ? kasan_slab_alloc+0xf/0x20
[ 3427.436425]  ? kmem_cache_alloc_node+0x144/0x710
[ 3427.436435]  ? __alloc_skb+0xd5/0x5e0
[ 3427.436449]  should_fail_alloc_page+0x50/0x60
[ 3427.462181]  __alloc_pages_nodemask+0x1a1/0x710
[ 3427.466847]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3427.471856]  ? __skb_try_recv_datagram+0x2a8/0x470
[ 3427.476779]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3427.481880]  ? netlink_dump+0xe7/0xfb0
[ 3427.485758]  cache_grow_begin+0x9c/0x8c0
[ 3427.489801]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3427.495314]  ? check_preemption_disabled+0x48/0x290
[ 3427.500306]  kmem_cache_alloc_node_trace+0x658/0x720
[ 3427.505388]  __kmalloc_node_track_caller+0x3d/0x70
[ 3427.510298]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 3427.514956]  __alloc_skb+0x10b/0x5e0
[ 3427.518740]  ? skb_scrub_packet+0x440/0x440
[ 3427.523034]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3427.528553]  netlink_dump+0x312/0xfb0
[ 3427.532336]  ? refcount_inc_checked+0x70/0x70
[ 3427.536810]  ? netlink_broadcast+0x50/0x50
[ 3427.541031]  ? refcount_dec_and_test_checked+0x1b/0x20
[ 3427.546287]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3427.551797]  ? consume_skb+0xef/0x380
[ 3427.555585]  netlink_recvmsg+0xb9f/0xf10
[ 3427.559649]  ? netlink_dump+0xfb0/0xfb0
[ 3427.563602]  ? copy_msghdr_from_user+0x2d0/0x430
[ 3427.568337]  ? netlink_dump+0xfb0/0xfb0
[ 3427.572289]  sock_recvmsg_nosec+0x8c/0xb0
[ 3427.576649]  ? __sock_tx_timestamp+0xd0/0xd0
[ 3427.581031]  ___sys_recvmsg+0x273/0x5d0
[ 3427.584994]  ? ___sys_sendmsg+0x930/0x930
[ 3427.589124]  ? do_recvmmsg+0x329/0x7a0
[ 3427.593001]  ? find_held_lock+0x35/0x130
[ 3427.597048]  ? do_recvmmsg+0x329/0x7a0
[ 3427.600920]  ? find_held_lock+0x35/0x130
[ 3427.604960]  ? ktime_get_ts64+0x115/0x3f0
[ 3427.609102]  do_recvmmsg+0x27c/0x7a0
[ 3427.612797]  ? ___sys_recvmsg+0x5d0/0x5d0
[ 3427.616927]  ? _copy_from_user+0xdd/0x150
[ 3427.621071]  __sys_recvmmsg+0xe5/0x270
[ 3427.624942]  ? __ia32_sys_recvmsg+0xb0/0xb0
[ 3427.629249]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3427.633987]  ? do_syscall_64+0x26/0x610
[ 3427.637943]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3427.643282]  ? do_syscall_64+0x26/0x610
[ 3427.647235]  __x64_sys_recvmmsg+0xe6/0x140
[ 3427.651465]  do_syscall_64+0x103/0x610
[ 3427.655331]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3427.660493] RIP: 0033:0x457e39
[ 3427.663666] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3427.682548] RSP: 002b:00007ff15415fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3427.690230] RAX: ffffffffffffffda RBX: 00007ff15415fc90 RCX: 0000000000457e39
[ 3427.697479] RDX: 0400000000000228 RSI: 00000000200037c0 RDI: 0000000000000003
[ 3427.704725] RBP: 000000000073bf00 R08: 0000000020003700 R09: 0000000000000000
[ 3427.711971] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff1541606d4
[ 3427.719216] R13: 00000000004c4b6d R14: 00000000004d85c8 R15: 0000000000000004
[ 3427.728470] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:56 executing program 2 (fault-call:2 fault-nth:29):
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3427.744098] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x300}, 0x0)

18:26:56 executing program 1:

18:26:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x8000000}, 0x0)

[ 3427.795148] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3427.795813] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3427.820656] FAULT_INJECTION: forcing a failure.
[ 3427.820656] name failslab, interval 1, probability 0, space 0, times 0
18:26:56 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB])

[ 3427.913659] CPU: 1 PID: 5298 Comm: syz-executor2 Not tainted 5.0.0-rc5+ #61
[ 3427.920882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3427.930221] Call Trace:
[ 3427.932787]  dump_stack+0x172/0x1f0
[ 3427.936406]  should_fail.cold+0xa/0x1b
[ 3427.940288]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3427.945370]  ? find_held_lock+0x35/0x130
[ 3427.949417]  ? netlink_deliver_tap+0x146/0xbf0
[ 3427.954003]  __should_failslab+0x121/0x190
[ 3427.958235]  should_failslab+0x9/0x14
[ 3427.962024]  kmem_cache_alloc+0x47/0x710
[ 3427.966209]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3427.971739]  ? check_preemption_disabled+0x48/0x290
[ 3427.971751]  ? lock_acquire+0x16f/0x3f0
[ 3427.971768]  skb_clone+0x150/0x3b0
[ 3427.971784]  netlink_deliver_tap+0x952/0xbf0
[ 3427.971795]  ? skb_put+0x177/0x1d0
[ 3427.992177]  __netlink_sendskb+0x63/0xd0
[ 3427.996235]  netlink_dump+0xc56/0xfb0
[ 3427.998850] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3428.000040]  ? netlink_broadcast+0x50/0x50
[ 3428.000061]  ? refcount_dec_and_test_checked+0x1b/0x20
[ 3428.000074]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3428.000087]  ? consume_skb+0xef/0x380
[ 3428.000103]  netlink_recvmsg+0xb9f/0xf10
[ 3428.032487]  ? netlink_dump+0xfb0/0xfb0
[ 3428.036454]  ? copy_msghdr_from_user+0x2d0/0x430
[ 3428.041199]  ? netlink_dump+0xfb0/0xfb0
[ 3428.045155]  sock_recvmsg_nosec+0x8c/0xb0
[ 3428.049278]  ? __sock_tx_timestamp+0xd0/0xd0
[ 3428.053673]  ___sys_recvmsg+0x273/0x5d0
[ 3428.057642]  ? ___sys_sendmsg+0x930/0x930
[ 3428.061787]  ? do_recvmmsg+0x329/0x7a0
[ 3428.065660]  ? find_held_lock+0x35/0x130
[ 3428.069696]  ? do_recvmmsg+0x329/0x7a0
[ 3428.073566]  ? find_held_lock+0x35/0x130
[ 3428.077618]  ? ktime_get_ts64+0x115/0x3f0
[ 3428.081758]  do_recvmmsg+0x27c/0x7a0
[ 3428.085449]  ? ___sys_recvmsg+0x5d0/0x5d0
[ 3428.089581]  ? _copy_from_user+0xdd/0x150
[ 3428.093825]  __sys_recvmmsg+0xe5/0x270
[ 3428.097705]  ? __ia32_sys_recvmsg+0xb0/0xb0
[ 3428.102014]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3428.106745]  ? do_syscall_64+0x26/0x610
[ 3428.110693]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3428.116038]  ? do_syscall_64+0x26/0x610
[ 3428.120008]  __x64_sys_recvmmsg+0xe6/0x140
[ 3428.124233]  do_syscall_64+0x103/0x610
[ 3428.128104]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3428.133266] RIP: 0033:0x457e39
[ 3428.136446] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3428.155336] RSP: 002b:00007ff15415fc78 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
18:26:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:56 executing program 1:

[ 3428.163028] RAX: ffffffffffffffda RBX: 00007ff15415fc90 RCX: 0000000000457e39
[ 3428.170272] RDX: 0400000000000228 RSI: 00000000200037c0 RDI: 0000000000000003
[ 3428.177522] RBP: 000000000073bf00 R08: 0000000020003700 R09: 0000000000000000
[ 3428.184774] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ff1541606d4
[ 3428.192029] R13: 00000000004c4b6d R14: 00000000004d85c8 R15: 0000000000000004
[ 3428.204110] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:56 executing program 2 (fault-call:2 fault-nth:30):
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x600}, 0x0)

[ 3428.221633] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xa000000}, 0x0)

18:26:56 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

[ 3428.288079] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:56 executing program 1:

[ 3428.288807] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3428.378488] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3428.397424] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3428.397424] 
18:26:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xc000000}, 0x0)

18:26:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xa00}, 0x0)

18:26:56 executing program 1:

[ 3428.435448] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3428.436112] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:56 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

[ 3428.542895] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xc00}, 0x0)

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3428.594072] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3428.597220] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:57 executing program 1:

18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xc150000}, 0x0)

18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xe00}, 0x0)

18:26:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\xfe\xff\xff\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3428.674949] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3428.674949] 
18:26:57 executing program 1:

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3428.748472] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3428.757732] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xe000000}, 0x0)

18:26:57 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

[ 3428.823766] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:57 executing program 1:

[ 3428.828973] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf00}, 0x0)

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:57 executing program 1:

[ 3428.930863] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xf000000}, 0x0)

18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x1b39}, 0x0)

[ 3429.013914] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3429.013914] 
[ 3429.036133] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:57 executing program 1:

[ 3429.036760] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.095327] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:57 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=./f'])

18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x391b}, 0x0)

[ 3429.117588] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 1:

18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x10000000}, 0x0)

18:26:57 executing program 1:

[ 3429.232995] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.241881] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.259703] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x3f00}, 0x0)

18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x20000000}, 0x0)

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3429.338826] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
18:26:57 executing program 1:

[ 3429.419131] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x5865}, 0x0)

18:26:57 executing program 1:

[ 3429.442143] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.443708] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:57 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:26:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x48000000}, 0x0)

18:26:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x6000}, 0x0)

18:26:58 executing program 1:

[ 3429.599807] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.606105] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:58 executing program 1:

18:26:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x4c000000}, 0x0)

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x6558}, 0x0)

[ 3429.633671] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3429.728761] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3429.749724] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.753983] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.764248] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 1:

18:26:58 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev'])

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x8100}, 0x0)

18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x60000000}, 0x0)

18:26:58 executing program 1:

18:26:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf000}, 0x0)

18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3429.949706] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3429.950340] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "jdev" requires an argument
[ 3429.950340] 
[ 3429.950864] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 1:

18:26:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x65580000}, 0x0)

[ 3430.010557] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev'])

[ 3430.079780] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:58 executing program 1:

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x34000}, 0x0)

[ 3430.081116] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.141556] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 1:

18:26:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3430.206358] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.207010] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x68000000}, 0x0)

[ 3430.267432] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "jdev" requires an argument
[ 3430.267432] 
18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x400300}, 0x0)

18:26:58 executing program 1:

18:26:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3430.356658] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3430.363293] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 1:

[ 3430.404629] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev'])

18:26:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6c000000}, 0x0)

18:26:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf0ffff}, 0x0)

18:26:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3430.405346] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3430.529483] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:58 executing program 1:

18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x1000000}, 0x0)

[ 3430.574784] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.575526] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.586779] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "jdev" requires an argument
[ 3430.586779] 
18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x74000000}, 0x0)

18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:59 executing program 1:

18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x2000000}, 0x0)

[ 3430.715200] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3430.726544] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x7a000000}, 0x0)

[ 3430.777107] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.777851] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x3000000}, 0x0)

18:26:59 executing program 1:

18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3430.843006] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x81000000}, 0x0)

18:26:59 executing program 1:

[ 3430.917642] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3430.917642] 
[ 3430.930321] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.930997] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3430.997523] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x4000000}, 0x0)

18:26:59 executing program 1:

18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:59 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x88a8ffff}, 0x0)

18:26:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3431.121518] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.138093] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3431.138093] 
[ 3431.153742] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:59 executing program 1:

[ 3431.175134] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x6000000}, 0x0)

18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x9effffff}, 0x0)

18:26:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:59 executing program 1:

18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3431.266725] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.268627] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x8000000}, 0x0)

18:26:59 executing program 1:

18:26:59 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev='])

[ 3431.375362] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.387320] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.395881] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xa000000}, 0x0)

18:26:59 executing program 1:

[ 3431.445991] bridge: RTM_NEWNEIGH with invalid state 0x0
18:26:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:26:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:26:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xf0ffffff}, 0x0)

[ 3431.536693] REISERFS warning (device loop3): super-6506 reiserfs_getopt: empty argument for "jdev"
[ 3431.536693] 
18:26:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xc000000}, 0x0)

18:26:59 executing program 1:

18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3431.574542] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.577968] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.660084] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:00 executing program 1:

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xe000000}, 0x0)

18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:00 executing program 3:

18:27:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xfe010000}, 0x0)

[ 3431.770243] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.773292] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:00 executing program 3:

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf000000}, 0x0)

18:27:00 executing program 1:

[ 3431.877624] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3431.882584] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3431.884551] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xffffa888}, 0x0)

18:27:00 executing program 3:

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x10000000}, 0x0)

18:27:00 executing program 1:

18:27:00 executing program 3:

[ 3432.058024] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.065455] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3432.084005] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xfffff000}, 0x0)

18:27:00 executing program 1:

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:00 executing program 3:
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x0, 0x0)
close(r0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000300)=""/11, 0x5)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$TIOCSCTTY(r0, 0x540e, 0x0)

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x1b390000}, 0x0)

[ 3432.183347] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.189559] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.247922] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:00 executing program 1:
r0 = syz_open_dev$binder(&(0x7f0000000200)='/dev/binder#\x00', 0x0, 0x0)
r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x20011, r1, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x4, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00c@@'], 0x0, 0x0, 0x0})
poll(&(0x7f00000001c0)=[{r0}], 0x1, 0xffffffffffff0001)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4, 0x0, &(0x7f0000000080)=[@enter_looper], 0x48, 0x0, &(0x7f0000000480)="f27aec438116cefc2a394072b6ad8809e53ac6553db7f225a4e47722a00ba8846454ad779316094e4bee8cab76761555d3676404fb3c728f045f7d9ecc9b2662539500d7df7d1802"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x4, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="01634040"], 0x0, 0x0, 0x0})

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x3f000000}, 0x0)

18:27:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xffffff7f}, 0x0)

18:27:00 executing program 3:
syz_open_dev$admmidi(0x0, 0x0, 0x0)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, &(0x7f0000000780))
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x80033d, 0x20000000209, 0x0, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0x9cf0000008, 0x9})

18:27:00 executing program 3:
openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000fc0)=ANY=[@ANYBLOB="6d00002e230087c75029a802f806000000000000f7ef736455b79bd616dc1d1b17b37d231e742edbc1d58328cedb012d56ab41218271d73c20000000000000fbffffff50bb51082c3082567f5c03304a830dbc8747386112e22f0a270738c16dd3770b46c8431d2afb54729635e711fb1cf8d13dab358d147117d35f5d67a55d5d6d8f3f84f9153450557c663dbe7817287f2513447d9d2625fdccb07b17c96c073340181351ab83d4c5eb02bfa679cc6b9fad1061d7427578fbb4440d0de12be49cbce618531e6ab925a36a45aaf21df8e1de148db4c2658e4228fb694b4afd6e50fe7273a45955e12ea0ab5c14d0e206930009de3493fd8a604b27dd6f1ac573c32e0dca7047454d9b8d49bcfe9820ba872105e3665a47850885d49a6826b3ae0f54bc35192d27b9da9a360c579a4ce9ccee67150765be7e21926d53fca2781e56fef034e30804ab390c7c3dba596615f91cbee6e30c78d36ca34a3d65835afa73f183f945260ef526a179fd09994ca800c463e2b1b27f355a46c0cb43198608cec255b07ef7bac6f32ab97422d57d100509066cda9514c7fdcc4b7505075a5c84b0ab75b31dd9bc8d8a4d78ef4449df"], 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000200)={0x80033d, 0x20000000209, 0x0, <r1=>0xffffffffffffffff})
r2 = dup2(r0, r1)
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000000)={0x9cf0000008, 0x9})

[ 3432.413345] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.418957] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.430669] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3432.452130] binder_alloc: 5854: binder_alloc_buf, no vma
18:27:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x60000000}, 0x0)

[ 3432.475434] binder: 5854:5872 transaction failed 29189/-3, size 0-0 line 3035
18:27:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xffffff9e}, 0x0)

18:27:00 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000440), 0x131f64)
clone(0x2102001ff9, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
syz_execute_func(&(0x7f0000000100)="3666440f50f564ff0941c3c4e2c9975842c4c27d794e0066420fe2e33e0f1110c442019dccd3196f")
setsockopt$inet_group_source_req(r1, 0x0, 0x30, &(0x7f0000000400)={0x0, {}, {{0x2, 0x0, @multicast2}}}, 0x108)
sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)

[ 3432.543198] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.543887] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3432.581158] binder: send failed reply for transaction 44 to 5854:5856
[ 3432.609007] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3433.155821] binder_alloc: binder_alloc_mmap_handler: 5854 20ff9000-20ffd000 already mapped failed -16
[ 3433.165473] binder: BINDER_SET_CONTEXT_MGR already set
[ 3433.170759] binder: 5854:5872 ioctl 40046207 0 returned -16
[ 3433.170792] binder_alloc: 5854: binder_alloc_buf, no vma
[ 3433.182088] binder: 5854:6007 transaction failed 29189/-3, size 0-0 line 3035
[ 3433.189595] binder: undelivered TRANSACTION_ERROR: 29190
[ 3433.190216] binder: 5854:6007 got reply transaction with no transaction stack
18:27:01 executing program 1 (fault-call:0 fault-nth:0):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:01 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x65580000}, 0x0)

18:27:01 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:01 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xfffffff0}, 0x0)

18:27:01 executing program 3 (fault-call:2 fault-nth:0):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3433.202389] binder: 5854:6007 transaction failed 29201/-71, size 0-0 line 2801
[ 3433.224485] binder: undelivered TRANSACTION_COMPLETE
[ 3433.240769] FAULT_INJECTION: forcing a failure.
[ 3433.240769] name failslab, interval 1, probability 0, space 0, times 0
18:27:01 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3433.253796] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.253888] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3433.254512] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.273498] binder: undelivered TRANSACTION_ERROR: 29189
[ 3433.287749] binder: undelivered TRANSACTION_ERROR: 29201
[ 3433.305008] CPU: 0 PID: 6014 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3433.312116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3433.321456] Call Trace:
[ 3433.321479]  dump_stack+0x172/0x1f0
[ 3433.327644]  should_fail.cold+0xa/0x1b
[ 3433.327661]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3433.327681]  ? lock_downgrade+0x810/0x810
[ 3433.327696]  ? ___might_sleep+0x163/0x280
[ 3433.344906]  __should_failslab+0x121/0x190
[ 3433.349157]  should_failslab+0x9/0x14
[ 3433.352958]  __kmalloc+0x2dc/0x740
[ 3433.356497]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3433.362031]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3433.364026] FAULT_INJECTION: forcing a failure.
[ 3433.364026] name failslab, interval 1, probability 0, space 0, times 0
[ 3433.367559]  ? strnlen_user+0x1f0/0x280
[ 3433.367572]  ? __x64_sys_memfd_create+0x13c/0x470
[ 3433.367587]  __x64_sys_memfd_create+0x13c/0x470
[ 3433.392282]  ? memfd_fcntl+0x1550/0x1550
[ 3433.396336]  ? do_syscall_64+0x26/0x610
[ 3433.400306]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3433.405077]  ? trace_hardirqs_on+0x67/0x230
[ 3433.409391]  do_syscall_64+0x103/0x610
[ 3433.413272]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3433.418444] RIP: 0033:0x457e39
[ 3433.421623] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3433.440601] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3433.448305] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
18:27:01 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x81000000}, 0x0)

18:27:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:01 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x88a8ffff}, 0x0)

[ 3433.455568] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3433.462829] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3433.470090] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fff5f36d4
[ 3433.477347] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000005
[ 3433.483349] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.483449] binder: undelivered TRANSACTION_ERROR: 29189
[ 3433.499275] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.501002] CPU: 1 PID: 6024 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3433.516394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3433.525746] Call Trace:
[ 3433.528330]  dump_stack+0x172/0x1f0
[ 3433.531958]  should_fail.cold+0xa/0x1b
[ 3433.535845]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3433.540939]  ? lock_downgrade+0x810/0x810
[ 3433.545081]  ? ___might_sleep+0x163/0x280
[ 3433.549227]  __should_failslab+0x121/0x190
[ 3433.553452]  should_failslab+0x9/0x14
18:27:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3433.553465]  __kmalloc+0x2dc/0x740
[ 3433.553478]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3433.553490]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3433.553502]  ? strnlen_user+0x1f0/0x280
[ 3433.553515]  ? __x64_sys_memfd_create+0x13c/0x470
[ 3433.553530]  __x64_sys_memfd_create+0x13c/0x470
[ 3433.576298]  ? memfd_fcntl+0x1550/0x1550
[ 3433.585756]  ? do_syscall_64+0x26/0x610
[ 3433.585769]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3433.585782]  ? trace_hardirqs_on+0x67/0x230
[ 3433.585798]  do_syscall_64+0x103/0x610
18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3433.585814]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3433.585825] RIP: 0033:0x457e39
[ 3433.614901] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3433.633804] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3433.641500] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3433.641508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
18:27:02 executing program 1 (fault-call:0 fault-nth:1):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:02 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x40030000000000}, 0x0)

18:27:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:02 executing program 3 (fault-call:2 fault-nth:1):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3433.641515] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3433.641523] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c625566d4
[ 3433.641529] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000003
18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:02 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x9effffff}, 0x0)

[ 3433.702691] FAULT_INJECTION: forcing a failure.
[ 3433.702691] name failslab, interval 1, probability 0, space 0, times 0
[ 3433.717972] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3433.727446] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.728140] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3433.750835] FAULT_INJECTION: forcing a failure.
[ 3433.750835] name failslab, interval 1, probability 0, space 0, times 0
[ 3433.766398] CPU: 0 PID: 6061 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3433.777517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3433.786862] Call Trace:
[ 3433.789455]  dump_stack+0x172/0x1f0
[ 3433.793085]  should_fail.cold+0xa/0x1b
[ 3433.793101]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3433.793118]  ? lock_downgrade+0x810/0x810
[ 3433.806199]  ? ___might_sleep+0x163/0x280
[ 3433.810343]  __should_failslab+0x121/0x190
[ 3433.810358]  should_failslab+0x9/0x14
[ 3433.810370]  kmem_cache_alloc+0x2be/0x710
[ 3433.822490]  ? __alloc_fd+0x430/0x530
[ 3433.822507]  ? shmem_destroy_callback+0xc0/0xc0
[ 3433.822519]  shmem_alloc_inode+0x1c/0x50
[ 3433.822533]  alloc_inode+0x66/0x190
[ 3433.830952]  new_inode_pseudo+0x19/0xf0
[ 3433.830965]  new_inode+0x1f/0x40
[ 3433.830978]  shmem_get_inode+0x84/0x780
18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:02 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xf0ffffffffffff}, 0x0)

[ 3433.830995]  __shmem_file_setup.part.0+0x7e/0x2b0
[ 3433.838642]  shmem_file_setup+0x66/0x90
[ 3433.838659]  __x64_sys_memfd_create+0x2a2/0x470
[ 3433.838672]  ? memfd_fcntl+0x1550/0x1550
[ 3433.838686]  ? do_syscall_64+0x26/0x610
[ 3433.845980]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3433.845994]  ? trace_hardirqs_on+0x67/0x230
[ 3433.846011]  do_syscall_64+0x103/0x610
[ 3433.846027]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3433.846037] RIP: 0033:0x457e39
[ 3433.854798] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3433.854805] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3433.854818] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3433.854825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3433.854831] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3433.854840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c625566d4
[ 3433.863526] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000003
[ 3433.871108] CPU: 0 PID: 6054 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3433.912048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3433.912053] Call Trace:
[ 3433.912070]  dump_stack+0x172/0x1f0
[ 3433.912087]  should_fail.cold+0xa/0x1b
[ 3433.912101]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3433.912114]  ? lock_downgrade+0x810/0x810
[ 3433.912128]  ? ___might_sleep+0x163/0x280
[ 3433.949025]  __should_failslab+0x121/0x190
18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3433.949041]  should_failslab+0x9/0x14
[ 3433.949053]  kmem_cache_alloc+0x2be/0x710
[ 3433.949064]  ? __alloc_fd+0x430/0x530
[ 3433.949078]  ? shmem_destroy_callback+0xc0/0xc0
[ 3433.963503]  shmem_alloc_inode+0x1c/0x50
[ 3433.963517]  alloc_inode+0x66/0x190
[ 3433.963529]  new_inode_pseudo+0x19/0xf0
[ 3433.963541]  new_inode+0x1f/0x40
[ 3433.963553]  shmem_get_inode+0x84/0x780
[ 3433.963570]  __shmem_file_setup.part.0+0x7e/0x2b0
[ 3433.979072]  shmem_file_setup+0x66/0x90
[ 3433.979090]  __x64_sys_memfd_create+0x2a2/0x470
[ 3433.979102]  ? memfd_fcntl+0x1550/0x1550
18:27:02 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf0ffffff}, 0x0)

[ 3433.979117]  ? do_syscall_64+0x26/0x610
[ 3433.988057]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3433.988071]  ? trace_hardirqs_on+0x67/0x230
[ 3433.988088]  do_syscall_64+0x103/0x610
[ 3433.988104]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3433.988114] RIP: 0033:0x457e39
[ 3434.000588] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3434.000596] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3434.000609] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3434.000627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3434.008529] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3434.008537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fff5f36d4
[ 3434.008544] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000005
[ 3434.031273] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:02 executing program 1 (fault-call:0 fault-nth:2):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:02 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xffffa888}, 0x0)

18:27:02 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x100000000000000}, 0x0)

[ 3434.040699] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3434.041524] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3434.216631] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3434.249391] FAULT_INJECTION: forcing a failure.
[ 3434.249391] name failslab, interval 1, probability 0, space 0, times 0
18:27:02 executing program 3 (fault-call:2 fault-nth:2):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:02 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x200000000000000}, 0x0)

18:27:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3434.313682] CPU: 1 PID: 6099 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3434.320815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3434.330268] Call Trace:
[ 3434.332862]  dump_stack+0x172/0x1f0
[ 3434.336495]  should_fail.cold+0xa/0x1b
[ 3434.340386]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3434.345488]  ? lock_downgrade+0x810/0x810
[ 3434.349649]  ? ___might_sleep+0x163/0x280
[ 3434.353801]  __should_failslab+0x121/0x190
[ 3434.358029]  should_failslab+0x9/0x14
[ 3434.361822]  kmem_cache_alloc+0x2be/0x710
[ 3434.365963]  ? current_time+0x6b/0x140
[ 3434.369836]  ? ktime_get_coarse_real_ts64+0xf0/0x2b0
[ 3434.374933]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3434.374945]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3434.374958]  ? timespec64_trunc+0xf0/0x180
[ 3434.374971]  __d_alloc+0x2e/0x8c0
[ 3434.374986]  d_alloc_pseudo+0x1e/0x30
[ 3434.375000]  alloc_file_pseudo+0xe2/0x280
[ 3434.375014]  ? alloc_file+0x4d0/0x4d0
[ 3434.375030]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3434.375043]  ? kasan_check_write+0x14/0x20
[ 3434.375059]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3434.375076]  shmem_file_setup+0x66/0x90
[ 3434.414217]  __x64_sys_memfd_create+0x2a2/0x470
[ 3434.427728]  ? memfd_fcntl+0x1550/0x1550
[ 3434.431652] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3434.431790]  ? do_syscall_64+0x26/0x610
[ 3434.441085]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3434.441100]  ? trace_hardirqs_on+0x67/0x230
[ 3434.441115]  do_syscall_64+0x103/0x610
[ 3434.441131]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3434.459019] RIP: 0033:0x457e39
[ 3434.462190] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3434.481065] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3434.488757] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3434.496003] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3434.503248] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
18:27:02 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xfffff000}, 0x0)

[ 3434.510493] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c625566d4
[ 3434.517738] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000003
[ 3434.549080] FAULT_INJECTION: forcing a failure.
[ 3434.549080] name failslab, interval 1, probability 0, space 0, times 0
18:27:02 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:03 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xffffff7f}, 0x0)

18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3434.618785] CPU: 1 PID: 6118 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3434.626030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3434.635371] Call Trace:
[ 3434.637953]  dump_stack+0x172/0x1f0
[ 3434.641578]  should_fail.cold+0xa/0x1b
[ 3434.645462]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3434.650574]  ? lock_downgrade+0x810/0x810
[ 3434.654720]  ? ___might_sleep+0x163/0x280
[ 3434.658870]  __should_failslab+0x121/0x190
[ 3434.663106]  should_failslab+0x9/0x14
18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3434.666898]  kmem_cache_alloc+0x2be/0x710
[ 3434.671041]  ? current_time+0x6b/0x140
[ 3434.674922]  ? ktime_get_coarse_real_ts64+0xf0/0x2b0
[ 3434.680022]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3434.684597]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3434.690219]  ? timespec64_trunc+0xf0/0x180
[ 3434.694447]  __d_alloc+0x2e/0x8c0
[ 3434.697894]  d_alloc_pseudo+0x1e/0x30
[ 3434.701696]  alloc_file_pseudo+0xe2/0x280
[ 3434.705840]  ? alloc_file+0x4d0/0x4d0
[ 3434.709639]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3434.715173]  ? kasan_check_write+0x14/0x20
[ 3434.719499]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3434.724433]  shmem_file_setup+0x66/0x90
[ 3434.728410]  __x64_sys_memfd_create+0x2a2/0x470
[ 3434.733071]  ? memfd_fcntl+0x1550/0x1550
[ 3434.733083]  ? do_syscall_64+0x26/0x610
[ 3434.733097]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3434.745655]  ? trace_hardirqs_on+0x67/0x230
[ 3434.745673]  do_syscall_64+0x103/0x610
[ 3434.745692]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3434.759112] RIP: 0033:0x457e39
[ 3434.762300] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3434.781197] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3434.788911] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3434.796173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3434.803435] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3434.810696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fff5f36d4
18:27:03 executing program 1 (fault-call:0 fault-nth:3):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:03 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xffffff9e}, 0x0)

18:27:03 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x300000000000000}, 0x0)

[ 3434.817960] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000005
[ 3434.843524] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3434.844720] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3434.865515] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3434.886645] FAULT_INJECTION: forcing a failure.
[ 3434.886645] name failslab, interval 1, probability 0, space 0, times 0
[ 3434.906483] CPU: 1 PID: 6144 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3434.913690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3434.923035] Call Trace:
[ 3434.925622]  dump_stack+0x172/0x1f0
[ 3434.929256]  should_fail.cold+0xa/0x1b
[ 3434.933146]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3434.938245]  ? lock_downgrade+0x810/0x810
[ 3434.942403]  ? ___might_sleep+0x163/0x280
[ 3434.946558]  __should_failslab+0x121/0x190
[ 3434.950792]  should_failslab+0x9/0x14
[ 3434.954605]  kmem_cache_alloc+0x2be/0x710
[ 3434.958756]  __alloc_file+0x27/0x300
[ 3434.958771]  alloc_empty_file+0x72/0x170
[ 3434.966509]  alloc_file+0x5e/0x4d0
[ 3434.966525]  alloc_file_pseudo+0x189/0x280
[ 3434.966546]  ? alloc_file+0x4d0/0x4d0
[ 3434.966562]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3434.966577]  ? kasan_check_write+0x14/0x20
[ 3434.966593]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3434.966606]  shmem_file_setup+0x66/0x90
[ 3434.966623]  __x64_sys_memfd_create+0x2a2/0x470
[ 3434.987936]  ? memfd_fcntl+0x1550/0x1550
[ 3434.987950]  ? do_syscall_64+0x26/0x610
[ 3434.987963]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3434.996839]  ? trace_hardirqs_on+0x67/0x230
18:27:03 executing program 3 (fault-call:2 fault-nth:3):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:03 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xfffffff0}, 0x0)

18:27:03 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3434.996856]  do_syscall_64+0x103/0x610
[ 3434.996873]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3434.996882] RIP: 0033:0x457e39
[ 3434.996894] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3434.996901] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3434.996913] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
18:27:03 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x400000000000000}, 0x0)

[ 3434.996919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3434.996928] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3435.080014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c625566d4
[ 3435.080022] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000003
[ 3435.084319] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.084944] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.146188] FAULT_INJECTION: forcing a failure.
[ 3435.146188] name failslab, interval 1, probability 0, space 0, times 0
18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:03 executing program 1 (fault-call:0 fault-nth:4):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:03 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3435.168412] CPU: 1 PID: 6162 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3435.175533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3435.184878] Call Trace:
[ 3435.187460]  dump_stack+0x172/0x1f0
[ 3435.191076]  should_fail.cold+0xa/0x1b
[ 3435.194964]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3435.200063]  ? lock_downgrade+0x810/0x810
[ 3435.204207]  ? ___might_sleep+0x163/0x280
[ 3435.204226]  __should_failslab+0x121/0x190
[ 3435.204241]  should_failslab+0x9/0x14
[ 3435.204252]  kmem_cache_alloc+0x2be/0x710
18:27:03 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x40030000000000}, 0x0)

[ 3435.204274]  __alloc_file+0x27/0x300
[ 3435.212611]  alloc_empty_file+0x72/0x170
[ 3435.212624]  alloc_file+0x5e/0x4d0
[ 3435.212640]  alloc_file_pseudo+0x189/0x280
[ 3435.236015]  ? alloc_file+0x4d0/0x4d0
[ 3435.239817]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3435.245356]  ? kasan_check_write+0x14/0x20
[ 3435.249588]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3435.249606]  shmem_file_setup+0x66/0x90
[ 3435.249620]  __x64_sys_memfd_create+0x2a2/0x470
[ 3435.249634]  ? memfd_fcntl+0x1550/0x1550
[ 3435.263145]  ? do_syscall_64+0x26/0x610
[ 3435.271141]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3435.275719]  ? trace_hardirqs_on+0x67/0x230
[ 3435.280035]  do_syscall_64+0x103/0x610
[ 3435.280054]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3435.280064] RIP: 0033:0x457e39
[ 3435.280077] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3435.280086] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
18:27:03 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf0ffffffffffff}, 0x0)

[ 3435.289119] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3435.311172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
[ 3435.311181] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3435.311189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fff5f36d4
[ 3435.311196] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000005
[ 3435.322027] FAULT_INJECTION: forcing a failure.
[ 3435.322027] name failslab, interval 1, probability 0, space 0, times 0
18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:03 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3435.396859] CPU: 1 PID: 6176 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3435.403988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3435.403994] Call Trace:
[ 3435.404014]  dump_stack+0x172/0x1f0
[ 3435.404034]  should_fail.cold+0xa/0x1b
[ 3435.404064]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3435.404078]  ? lock_downgrade+0x810/0x810
[ 3435.404111]  ? ___might_sleep+0x163/0x280
[ 3435.404132]  __should_failslab+0x121/0x190
[ 3435.404149]  should_failslab+0x9/0x14
[ 3435.404162]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3435.404187]  ? ___might_sleep+0x163/0x280
[ 3435.404202]  ? __might_sleep+0x95/0x190
[ 3435.404219]  apparmor_file_alloc_security+0x112/0x940
[ 3435.404239]  security_file_alloc+0x69/0xb0
[ 3435.404252]  __alloc_file+0xac/0x300
[ 3435.441827]  alloc_empty_file+0x72/0x170
[ 3435.441843]  alloc_file+0x5e/0x4d0
[ 3435.441860]  alloc_file_pseudo+0x189/0x280
[ 3435.441873]  ? alloc_file+0x4d0/0x4d0
[ 3435.454428]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3435.454445]  ? kasan_check_write+0x14/0x20
[ 3435.454463]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3435.454480]  shmem_file_setup+0x66/0x90
[ 3435.454503]  __x64_sys_memfd_create+0x2a2/0x470
[ 3435.454517]  ? memfd_fcntl+0x1550/0x1550
[ 3435.454531]  ? do_syscall_64+0x26/0x610
[ 3435.454545]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3435.454557]  ? trace_hardirqs_on+0x67/0x230
[ 3435.454571]  do_syscall_64+0x103/0x610
[ 3435.466071] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.467914]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3435.467924] RIP: 0033:0x457e39
[ 3435.467937] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3435.467943] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3435.472186] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.483408] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3435.483416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
18:27:03 executing program 3 (fault-call:2 fault-nth:4):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:03 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:03 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x500000000000000}, 0x0)

18:27:03 executing program 1 (fault-call:0 fault-nth:5):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:04 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x100000000000000}, 0x0)

[ 3435.483424] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3435.483432] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7c625566d4
[ 3435.483439] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000003
[ 3435.625835] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3435.632005] FAULT_INJECTION: forcing a failure.
[ 3435.632005] name failslab, interval 1, probability 0, space 0, times 0
[ 3435.652343] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.652953] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.659611] CPU: 0 PID: 6204 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3435.665075] FAULT_INJECTION: forcing a failure.
[ 3435.665075] name failslab, interval 1, probability 0, space 0, times 0
[ 3435.669783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3435.669789] Call Trace:
[ 3435.669810]  dump_stack+0x172/0x1f0
[ 3435.669827]  should_fail.cold+0xa/0x1b
[ 3435.669841]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3435.712579]  ? lock_downgrade+0x810/0x810
[ 3435.716726]  ? ___might_sleep+0x163/0x280
[ 3435.720882]  __should_failslab+0x121/0x190
[ 3435.725117]  should_failslab+0x9/0x14
[ 3435.728913]  kmem_cache_alloc+0x2be/0x710
[ 3435.733056]  ? notify_change+0x6d5/0xfb0
[ 3435.737114]  ? do_sys_ftruncate+0x41e/0x550
[ 3435.741436]  getname_flags+0xd6/0x5b0
[ 3435.745239]  getname+0x1a/0x20
[ 3435.748443]  do_sys_open+0x2c9/0x5d0
[ 3435.752257]  ? filp_open+0x80/0x80
[ 3435.755802]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3435.760551]  ? do_syscall_64+0x26/0x610
[ 3435.764528]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3435.766619] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.769574] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3435.769882]  ? do_syscall_64+0x26/0x610
[ 3435.769899]  __x64_sys_open+0x7e/0xc0
[ 3435.769913]  do_syscall_64+0x103/0x610
[ 3435.798214]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3435.803393] RIP: 0033:0x411f21
[ 3435.806575] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3435.825476] RSP: 002b:00007f7c62555a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3435.833172] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3435.840432] RDX: 00007f7c62555afa RSI: 0000000000000002 RDI: 00007f7c62555af0
18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3435.847794] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3435.855051] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 3435.862321] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3435.869617] CPU: 1 PID: 6248 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3435.876717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3435.876722] Call Trace:
[ 3435.876739]  dump_stack+0x172/0x1f0
[ 3435.876754]  should_fail.cold+0xa/0x1b
[ 3435.888651]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3435.888666]  ? lock_downgrade+0x810/0x810
[ 3435.896131]  ? ___might_sleep+0x163/0x280
[ 3435.896149]  __should_failslab+0x121/0x190
[ 3435.896163]  should_failslab+0x9/0x14
[ 3435.896173]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3435.896186]  ? ___might_sleep+0x163/0x280
[ 3435.905383]  ? __might_sleep+0x95/0x190
[ 3435.905401]  apparmor_file_alloc_security+0x112/0x940
[ 3435.905420]  security_file_alloc+0x69/0xb0
[ 3435.913757]  __alloc_file+0xac/0x300
[ 3435.913773]  alloc_empty_file+0x72/0x170
[ 3435.913788]  alloc_file+0x5e/0x4d0
[ 3435.913804]  alloc_file_pseudo+0x189/0x280
[ 3435.922242]  ? alloc_file+0x4d0/0x4d0
[ 3435.922260]  ? lockdep_annotate_inode_mutex_key+0x5b/0x70
[ 3435.922276]  ? kasan_check_write+0x14/0x20
[ 3435.930355]  __shmem_file_setup.part.0+0x108/0x2b0
[ 3435.930370]  shmem_file_setup+0x66/0x90
[ 3435.930386]  __x64_sys_memfd_create+0x2a2/0x470
[ 3435.939778]  ? memfd_fcntl+0x1550/0x1550
[ 3435.939793]  ? do_syscall_64+0x26/0x610
[ 3435.939809]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3435.947531]  ? trace_hardirqs_on+0x67/0x230
[ 3435.947548]  do_syscall_64+0x103/0x610
18:27:04 executing program 3 (fault-call:2 fault-nth:5):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3435.947564]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3435.955295] RIP: 0033:0x457e39
[ 3435.955308] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3435.955315] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 3435.955326] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000457e39
[ 3435.955333] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bce47
18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:04 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x600000000000000}, 0x0)

18:27:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3435.955341] RBP: 000000000073bf00 R08: 0000000000000000 R09: 00000000fbad8001
[ 3435.955350] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4fff5f36d4
[ 3435.964629] R13: 00000000004c678f R14: 00000000004dbc70 R15: 0000000000000005
[ 3436.008967] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.011079] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:04 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x200000000000000}, 0x0)

18:27:04 executing program 1 (fault-call:0 fault-nth:6):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\xfe\xff\xff\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3436.120274] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.146543] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.161404] FAULT_INJECTION: forcing a failure.
[ 3436.161404] name failslab, interval 1, probability 0, space 0, times 0
[ 3436.168196] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3436.220287] CPU: 1 PID: 6276 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3436.227435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3436.234898] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.235563] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.236799] Call Trace:
[ 3436.253525]  dump_stack+0x172/0x1f0
[ 3436.253541]  should_fail.cold+0xa/0x1b
[ 3436.253556]  ? fault_create_debugfs_attr+0x1e0/0x1e0
18:27:04 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x700000000000000}, 0x0)

[ 3436.253570]  ? lock_downgrade+0x810/0x810
[ 3436.272830]  ? ___might_sleep+0x163/0x280
[ 3436.276979]  __should_failslab+0x121/0x190
[ 3436.281223]  should_failslab+0x9/0x14
[ 3436.285017]  kmem_cache_alloc+0x2be/0x710
[ 3436.285031]  ? notify_change+0x6d5/0xfb0
[ 3436.293214]  ? do_sys_ftruncate+0x41e/0x550
[ 3436.297539]  getname_flags+0xd6/0x5b0
[ 3436.301352]  getname+0x1a/0x20
[ 3436.304538]  do_sys_open+0x2c9/0x5d0
[ 3436.308243]  ? filp_open+0x80/0x80
[ 3436.308437] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3436.311780]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3436.311791]  ? do_syscall_64+0x26/0x610
[ 3436.311805]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3436.325839]  ? do_syscall_64+0x26/0x610
[ 3436.325855]  __x64_sys_open+0x7e/0xc0
[ 3436.325868]  do_syscall_64+0x103/0x610
[ 3436.325885]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3436.348120] RIP: 0033:0x411f21
[ 3436.351303] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
18:27:04 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x300000000000000}, 0x0)

[ 3436.370273] RSP: 002b:00007f4fff5f2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3436.370286] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3436.370292] RDX: 00007f4fff5f2afa RSI: 0000000000000002 RDI: 00007f4fff5f2af0
[ 3436.370298] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3436.370305] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006
[ 3436.370311] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3436.401703] FAULT_INJECTION: forcing a failure.
18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3436.401703] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3436.415955] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.416606] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.426277] CPU: 1 PID: 6292 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3436.426286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3436.426290] Call Trace:
[ 3436.426312]  dump_stack+0x172/0x1f0
[ 3436.426331]  should_fail.cold+0xa/0x1b
[ 3436.426345]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3436.426360]  ? mark_held_locks+0x100/0x100
[ 3436.450073]  should_fail_alloc_page+0x50/0x60
[ 3436.450086]  __alloc_pages_nodemask+0x1a1/0x710
[ 3436.450101]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3436.450114]  ? find_held_lock+0x35/0x130
[ 3436.473860] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.474642] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.478845]  cache_grow_begin+0x9c/0x8c0
18:27:04 executing program 3 (fault-call:2 fault-nth:6):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:04 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3436.478859]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3436.478875]  ? check_preemption_disabled+0x48/0x290
[ 3436.528200]  kmem_cache_alloc+0x645/0x710
[ 3436.532444]  ? notify_change+0x6d5/0xfb0
[ 3436.536502]  ? do_sys_ftruncate+0x41e/0x550
[ 3436.540830]  getname_flags+0xd6/0x5b0
[ 3436.544632]  getname+0x1a/0x20
[ 3436.547823]  do_sys_open+0x2c9/0x5d0
[ 3436.551536]  ? filp_open+0x80/0x80
[ 3436.555083]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3436.559829]  ? do_syscall_64+0x26/0x610
[ 3436.559843]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3436.559853]  ? do_syscall_64+0x26/0x610
[ 3436.559867]  __x64_sys_open+0x7e/0xc0
[ 3436.576906]  do_syscall_64+0x103/0x610
[ 3436.577119] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.580815]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3436.594268] RIP: 0033:0x411f21
[ 3436.597439] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3436.616411] RSP: 002b:00007f7c62555a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3436.624200] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3436.631448] RDX: 00007f7c62555afa RSI: 0000000000000002 RDI: 00007f7c62555af0
[ 3436.638696] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3436.645942] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 3436.653190] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3436.666973] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:05 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:05 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x400000000000000}, 0x0)

18:27:05 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x800000000000000}, 0x0)

[ 3436.750804] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:05 executing program 1 (fault-call:0 fault-nth:7):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3436.909937] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.910644] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3436.915486] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3436.933175] FAULT_INJECTION: forcing a failure.
[ 3436.933175] name failslab, interval 1, probability 0, space 0, times 0
[ 3436.951305] CPU: 1 PID: 6325 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3436.958444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3436.967797] Call Trace:
[ 3436.970501]  dump_stack+0x172/0x1f0
[ 3436.974152]  should_fail.cold+0xa/0x1b
[ 3436.978053]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3436.983169]  ? lock_downgrade+0x810/0x810
[ 3436.987319]  ? ___might_sleep+0x163/0x280
[ 3436.987338]  __should_failslab+0x121/0x190
[ 3436.987354]  should_failslab+0x9/0x14
[ 3436.987376]  kmem_cache_alloc+0x2be/0x710
[ 3436.987390]  ? __save_stack_trace+0x8a/0xf0
[ 3436.987409]  __alloc_file+0x27/0x300
[ 3436.987425]  alloc_empty_file+0x72/0x170
[ 3436.987442]  path_openat+0xef/0x4690
[ 3436.987455]  ? __lock_acquire+0x53b/0x4700
[ 3436.987473]  ? getname+0x1a/0x20
[ 3436.987485]  ? do_sys_open+0x2c9/0x5d0
[ 3437.019572]  ? __x64_sys_open+0x7e/0xc0
[ 3437.019588]  ? do_syscall_64+0x103/0x610
[ 3437.019604]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.031079]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 3437.031094]  ? __lock_is_held+0xb6/0x140
[ 3437.031114]  ? __alloc_fd+0x430/0x530
[ 3437.057016]  do_filp_open+0x1a1/0x280
18:27:05 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xa00000000000000}, 0x0)

18:27:05 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3437.060831]  ? may_open_dev+0x100/0x100
[ 3437.062463] FAULT_INJECTION: forcing a failure.
[ 3437.062463] name failslab, interval 1, probability 0, space 0, times 0
[ 3437.064816]  ? lock_downgrade+0x810/0x810
[ 3437.064837]  ? kasan_check_read+0x11/0x20
[ 3437.064852]  ? do_raw_spin_unlock+0x57/0x270
[ 3437.064868]  ? _raw_spin_unlock+0x2d/0x50
[ 3437.064882]  ? __alloc_fd+0x430/0x530
[ 3437.064907]  do_sys_open+0x3fe/0x5d0
[ 3437.064923]  ? filp_open+0x80/0x80
[ 3437.064940]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3437.064953]  ? do_syscall_64+0x26/0x610
[ 3437.064965]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.064980]  ? do_syscall_64+0x26/0x610
[ 3437.122040]  __x64_sys_open+0x7e/0xc0
[ 3437.125853]  do_syscall_64+0x103/0x610
[ 3437.129753]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.134954] RIP: 0033:0x411f21
[ 3437.138151] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3437.157058] RSP: 002b:00007f7c62555a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3437.164773] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3437.172047] RDX: 00007f7c62555afa RSI: 0000000000000002 RDI: 00007f7c62555af0
[ 3437.179322] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3437.186607] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 3437.193882] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3437.201173] CPU: 0 PID: 6334 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3437.208294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3437.217652] Call Trace:
[ 3437.220261]  dump_stack+0x172/0x1f0
[ 3437.223907]  should_fail.cold+0xa/0x1b
[ 3437.227812]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3437.232927]  ? lock_downgrade+0x810/0x810
[ 3437.237092]  ? ___might_sleep+0x163/0x280
[ 3437.241260]  __should_failslab+0x121/0x190
[ 3437.245507]  should_failslab+0x9/0x14
[ 3437.249316]  kmem_cache_alloc+0x2be/0x710
[ 3437.253487]  ? __save_stack_trace+0x8a/0xf0
[ 3437.257828]  __alloc_file+0x27/0x300
[ 3437.261557]  alloc_empty_file+0x72/0x170
[ 3437.265646]  path_openat+0xef/0x4690
[ 3437.269393]  ? __lock_acquire+0x53b/0x4700
[ 3437.273639]  ? getname+0x1a/0x20
[ 3437.277017]  ? do_sys_open+0x2c9/0x5d0
[ 3437.280914]  ? __x64_sys_open+0x7e/0xc0
[ 3437.284902]  ? do_syscall_64+0x103/0x610
[ 3437.286140] FAULT_INJECTION: forcing a failure.
[ 3437.286140] name failslab, interval 1, probability 0, space 0, times 0
[ 3437.288971]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.289000]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 3437.289012]  ? __lock_is_held+0xb6/0x140
[ 3437.289026]  ? find_held_lock+0x35/0x130
[ 3437.318330]  ? __alloc_fd+0x430/0x530
[ 3437.322164]  do_filp_open+0x1a1/0x280
[ 3437.325977]  ? may_open_dev+0x100/0x100
[ 3437.329973]  ? lock_downgrade+0x810/0x810
[ 3437.334133]  ? kasan_check_read+0x11/0x20
[ 3437.338293]  ? do_raw_spin_unlock+0x57/0x270
[ 3437.342720]  ? _raw_spin_unlock+0x2d/0x50
[ 3437.346877]  ? __alloc_fd+0x430/0x530
[ 3437.350700]  do_sys_open+0x3fe/0x5d0
[ 3437.354423]  ? filp_open+0x80/0x80
[ 3437.357972]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3437.362733]  ? do_syscall_64+0x26/0x610
[ 3437.366712]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.372082]  ? do_syscall_64+0x26/0x610
[ 3437.376072]  __x64_sys_open+0x7e/0xc0
[ 3437.379883]  do_syscall_64+0x103/0x610
[ 3437.383786]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.388979] RIP: 0033:0x411f21
[ 3437.392179] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3437.411386] RSP: 002b:00007f4fff5f2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3437.419099] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3437.426376] RDX: 00007f4fff5f2afa RSI: 0000000000000002 RDI: 00007f4fff5f2af0
[ 3437.433648] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3437.440922] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006
[ 3437.448199] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3437.455494] CPU: 1 PID: 6350 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
18:27:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:05 executing program 1 (fault-call:0 fault-nth:8):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3437.462605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3437.471953] Call Trace:
[ 3437.471973]  dump_stack+0x172/0x1f0
[ 3437.471992]  should_fail.cold+0xa/0x1b
[ 3437.472009]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3437.472022]  ? lock_downgrade+0x810/0x810
[ 3437.472038]  ? ___might_sleep+0x163/0x280
[ 3437.482129]  __should_failslab+0x121/0x190
[ 3437.482146]  should_failslab+0x9/0x14
[ 3437.482162]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3437.491481]  ? ___might_sleep+0x163/0x280
[ 3437.491500]  ? __might_sleep+0x95/0x190
[ 3437.491522]  apparmor_file_alloc_security+0x112/0x940
[ 3437.499886]  security_file_alloc+0x69/0xb0
[ 3437.499905]  __alloc_file+0xac/0x300
[ 3437.499921]  alloc_empty_file+0x72/0x170
[ 3437.508380]  path_openat+0xef/0x4690
[ 3437.508396]  ? __lock_acquire+0x53b/0x4700
[ 3437.508412]  ? getname+0x1a/0x20
[ 3437.516508]  ? do_sys_open+0x2c9/0x5d0
[ 3437.516520]  ? __x64_sys_open+0x7e/0xc0
[ 3437.516535]  ? do_syscall_64+0x103/0x610
[ 3437.516551]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.516578]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 3437.525981]  ? __lock_is_held+0xb6/0x140
[ 3437.526003]  ? __alloc_fd+0x430/0x530
[ 3437.526023]  do_filp_open+0x1a1/0x280
[ 3437.526043]  ? may_open_dev+0x100/0x100
[ 3437.583184]  ? lock_downgrade+0x810/0x810
[ 3437.587369]  ? kasan_check_read+0x11/0x20
[ 3437.591529]  ? do_raw_spin_unlock+0x57/0x270
[ 3437.595952]  ? _raw_spin_unlock+0x2d/0x50
[ 3437.600115]  ? __alloc_fd+0x430/0x530
[ 3437.603943]  do_sys_open+0x3fe/0x5d0
[ 3437.607673]  ? filp_open+0x80/0x80
[ 3437.611225]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3437.615996]  ? do_syscall_64+0x26/0x610
[ 3437.619984]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.625367]  ? do_syscall_64+0x26/0x610
[ 3437.629365]  __x64_sys_open+0x7e/0xc0
[ 3437.633176]  do_syscall_64+0x103/0x610
[ 3437.637079]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.642270] RIP: 0033:0x411f21
[ 3437.645469] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
18:27:06 executing program 3 (fault-call:2 fault-nth:7):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:06 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x600000000000000}, 0x0)

[ 3437.664380] RSP: 002b:00007f7c62555a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3437.672089] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3437.679368] RDX: 00007f7c62555afa RSI: 0000000000000002 RDI: 00007f7c62555af0
[ 3437.686641] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3437.693910] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004
[ 3437.701168] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:06 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:06 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xc00000000000000}, 0x0)

18:27:06 executing program 1 (fault-call:0 fault-nth:9):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3437.760194] FAULT_INJECTION: forcing a failure.
[ 3437.760194] name failslab, interval 1, probability 0, space 0, times 0
[ 3437.801850] CPU: 1 PID: 6367 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3437.808990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3437.818649] Call Trace:
[ 3437.818675]  dump_stack+0x172/0x1f0
[ 3437.818696]  should_fail.cold+0xa/0x1b
[ 3437.818717]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3437.833927]  ? lock_downgrade+0x810/0x810
[ 3437.838092]  ? ___might_sleep+0x163/0x280
[ 3437.842264]  __should_failslab+0x121/0x190
[ 3437.846533]  should_failslab+0x9/0x14
[ 3437.850363]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3437.855028]  ? ___might_sleep+0x163/0x280
[ 3437.855046]  ? __might_sleep+0x95/0x190
[ 3437.855073]  apparmor_file_alloc_security+0x112/0x940
[ 3437.855091]  security_file_alloc+0x69/0xb0
[ 3437.855107]  __alloc_file+0xac/0x300
[ 3437.870692] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3437.872632]  alloc_empty_file+0x72/0x170
[ 3437.872652]  path_openat+0xef/0x4690
[ 3437.872668]  ? __lock_acquire+0x53b/0x4700
[ 3437.881734]  ? getname+0x1a/0x20
[ 3437.897071]  ? do_sys_open+0x2c9/0x5d0
[ 3437.900961]  ? __x64_sys_open+0x7e/0xc0
[ 3437.904943]  ? do_syscall_64+0x103/0x610
[ 3437.909015]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.914402]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 3437.914416]  ? __lock_is_held+0xb6/0x140
[ 3437.914428]  ? find_held_lock+0x35/0x130
[ 3437.914445]  ? find_held_lock+0x35/0x130
[ 3437.914459]  ? __alloc_fd+0x430/0x530
[ 3437.935192]  do_filp_open+0x1a1/0x280
[ 3437.939011]  ? may_open_dev+0x100/0x100
[ 3437.943008]  ? lock_downgrade+0x810/0x810
[ 3437.947175]  ? kasan_check_read+0x11/0x20
[ 3437.951352]  ? do_raw_spin_unlock+0x57/0x270
[ 3437.955773]  ? _raw_spin_unlock+0x2d/0x50
[ 3437.959930]  ? __alloc_fd+0x430/0x530
[ 3437.963753]  do_sys_open+0x3fe/0x5d0
[ 3437.967481]  ? filp_open+0x80/0x80
[ 3437.971047]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3437.975816]  ? do_syscall_64+0x26/0x610
[ 3437.979794]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3437.985163]  ? do_syscall_64+0x26/0x610
[ 3437.985181]  __x64_sys_open+0x7e/0xc0
[ 3437.985198]  do_syscall_64+0x103/0x610
[ 3437.985216]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
18:27:06 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xc15000000000000}, 0x0)

18:27:06 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x800000000000000}, 0x0)

[ 3437.985227] RIP: 0033:0x411f21
[ 3437.985242] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3437.985250] RSP: 002b:00007f4fff5f2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
[ 3437.985264] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3437.985275] RDX: 00007f4fff5f2afa RSI: 0000000000000002 RDI: 00007f4fff5f2af0
[ 3438.022649] FAULT_INJECTION: forcing a failure.
18:27:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3438.022649] name failslab, interval 1, probability 0, space 0, times 0
[ 3438.024210] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3438.024219] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006
[ 3438.024228] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3438.035229] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3438.035954] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3438.061944] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:06 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:06 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xe00000000000000}, 0x0)

[ 3438.091949] CPU: 1 PID: 6377 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3438.109097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3438.118455] Call Trace:
[ 3438.121067]  dump_stack+0x172/0x1f0
[ 3438.124710]  should_fail.cold+0xa/0x1b
[ 3438.128613]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3438.133726]  ? lock_downgrade+0x810/0x810
[ 3438.137885]  ? ___might_sleep+0x163/0x280
[ 3438.142057]  __should_failslab+0x121/0x190
[ 3438.146329]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3438.151098]  should_failslab+0x9/0x14
[ 3438.154911]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3438.159593]  ? lockdep_init_map+0x10c/0x5b0
[ 3438.163928]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3438.168688]  __kthread_create_on_node+0xf2/0x460
[ 3438.173446]  ? lock_acquire+0x16f/0x3f0
[ 3438.177434]  ? kthread_parkme+0xb0/0xb0
[ 3438.181420]  ? mutex_trylock+0x1e0/0x1e0
[ 3438.185481]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3438.190234]  kthread_create_on_node+0xbb/0xf0
[ 3438.194734]  ? __kthread_create_on_node+0x460/0x460
[ 3438.199751]  ? lockdep_init_map+0x10c/0x5b0
[ 3438.204064]  ? lockdep_init_map+0x10c/0x5b0
[ 3438.208381]  lo_ioctl+0xafb/0x20d0
[ 3438.211915]  ? lo_rw_aio+0x1530/0x1530
[ 3438.215808]  blkdev_ioctl+0xee8/0x1c40
[ 3438.219695]  ? blkpg_ioctl+0xa90/0xa90
[ 3438.223572]  ? find_held_lock+0x35/0x130
[ 3438.227627]  ? debug_check_no_obj_freed+0x200/0x464
[ 3438.232644]  ? kasan_check_read+0x11/0x20
[ 3438.236791]  ? __fget+0x340/0x540
[ 3438.240242]  ? find_held_lock+0x35/0x130
[ 3438.244308]  ? __fget+0x340/0x540
[ 3438.247755]  block_ioctl+0xee/0x130
[ 3438.251371]  ? blkdev_fallocate+0x410/0x410
[ 3438.255697]  do_vfs_ioctl+0xd6e/0x1390
[ 3438.259586]  ? ioctl_preallocate+0x210/0x210
[ 3438.263985]  ? __fget+0x367/0x540
[ 3438.267433]  ? iterate_fd+0x360/0x360
[ 3438.271227]  ? do_sys_open+0x31d/0x5d0
[ 3438.275127]  ? security_file_ioctl+0x93/0xc0
[ 3438.279537]  ksys_ioctl+0xab/0xd0
[ 3438.282984]  __x64_sys_ioctl+0x73/0xb0
[ 3438.286865]  do_syscall_64+0x103/0x610
[ 3438.290747]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3438.295935] RIP: 0033:0x457ca7
[ 3438.299125] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3438.318027] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3438.325733] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3438.332991] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3438.340265] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
18:27:06 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xa00000000000000}, 0x0)

[ 3438.347525] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3438.354796] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3438.386136] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:06 executing program 3 (fault-call:2 fault-nth:8):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3438.386915] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3438.408039] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:06 executing program 1 (fault-call:0 fault-nth:10):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:06 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:06 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xc00000000000000}, 0x0)

[ 3438.526577] FAULT_INJECTION: forcing a failure.
[ 3438.526577] name failslab, interval 1, probability 0, space 0, times 0
18:27:06 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xf00000000000000}, 0x0)

[ 3438.579900] FAULT_INJECTION: forcing a failure.
[ 3438.579900] name failslab, interval 1, probability 0, space 0, times 0
[ 3438.604098] CPU: 0 PID: 6406 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3438.609085] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3438.611248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3438.628913] Call Trace:
[ 3438.631517]  dump_stack+0x172/0x1f0
[ 3438.635155]  should_fail.cold+0xa/0x1b
[ 3438.639051]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3438.644161]  ? lock_downgrade+0x810/0x810
[ 3438.648316]  ? ___might_sleep+0x163/0x280
[ 3438.652476]  __should_failslab+0x121/0x190
[ 3438.656731]  should_failslab+0x9/0x14
[ 3438.660538]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3438.665209]  ? ___might_sleep+0x163/0x280
[ 3438.669382]  ? __might_sleep+0x95/0x190
[ 3438.673366]  apparmor_file_alloc_security+0x112/0x940
[ 3438.678565]  security_file_alloc+0x69/0xb0
[ 3438.682809]  __alloc_file+0xac/0x300
[ 3438.686530]  alloc_empty_file+0x72/0x170
[ 3438.690599]  path_openat+0xef/0x4690
[ 3438.694316]  ? __lock_acquire+0x53b/0x4700
[ 3438.698554]  ? getname+0x1a/0x20
[ 3438.701929]  ? do_sys_open+0x2c9/0x5d0
[ 3438.705817]  ? __x64_sys_open+0x7e/0xc0
[ 3438.709795]  ? do_syscall_64+0x103/0x610
[ 3438.713857]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3438.719248]  ? path_lookupat.isra.0+0x8d0/0x8d0
[ 3438.723918]  ? __lock_is_held+0xb6/0x140
[ 3438.727988]  ? __alloc_fd+0x430/0x530
[ 3438.731797]  do_filp_open+0x1a1/0x280
[ 3438.735606]  ? may_open_dev+0x100/0x100
[ 3438.739588]  ? lock_downgrade+0x810/0x810
[ 3438.743744]  ? kasan_check_read+0x11/0x20
[ 3438.747897]  ? do_raw_spin_unlock+0x57/0x270
[ 3438.752307]  ? _raw_spin_unlock+0x2d/0x50
[ 3438.756458]  ? __alloc_fd+0x430/0x530
[ 3438.760296]  do_sys_open+0x3fe/0x5d0
[ 3438.764019]  ? filp_open+0x80/0x80
[ 3438.767564]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3438.772322]  ? do_syscall_64+0x26/0x610
[ 3438.776298]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3438.781664]  ? do_syscall_64+0x26/0x610
[ 3438.785648]  __x64_sys_open+0x7e/0xc0
[ 3438.789452]  do_syscall_64+0x103/0x610
[ 3438.793357]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3438.798547] RIP: 0033:0x411f21
[ 3438.801744] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 2a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 73 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01
[ 3438.820645] RSP: 002b:00007f4fff5f2a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
18:27:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3438.828357] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000411f21
[ 3438.835626] RDX: 00007f4fff5f2afa RSI: 0000000000000002 RDI: 00007f4fff5f2af0
[ 3438.842892] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3438.850161] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000006
[ 3438.857433] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3438.864723] CPU: 1 PID: 6410 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3438.871841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:27:07 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3438.881198] Call Trace:
[ 3438.883808]  dump_stack+0x172/0x1f0
[ 3438.887451]  should_fail.cold+0xa/0x1b
[ 3438.891351]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3438.896462]  ? lock_downgrade+0x810/0x810
[ 3438.900625]  ? ___might_sleep+0x163/0x280
[ 3438.904790]  __should_failslab+0x121/0x190
[ 3438.909038]  should_failslab+0x9/0x14
[ 3438.912849]  kmem_cache_alloc+0x2be/0x710
[ 3438.917007]  ? find_held_lock+0x35/0x130
[ 3438.921081]  __kernfs_new_node+0xef/0x690
[ 3438.925258]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3438.930012]  ? __lock_acquire+0x53b/0x4700
[ 3438.934288]  kernfs_new_node+0x99/0x130
[ 3438.938266]  kernfs_create_dir_ns+0x52/0x160
[ 3438.942669]  internal_create_group+0x7f8/0xc40
[ 3438.947260]  ? bd_set_size+0x89/0xb0
[ 3438.950972]  ? remove_files.isra.0+0x190/0x190
[ 3438.955551]  sysfs_create_group+0x20/0x30
[ 3438.959689]  lo_ioctl+0xf8f/0x20d0
[ 3438.963235]  ? lo_rw_aio+0x1530/0x1530
[ 3438.967118]  blkdev_ioctl+0xee8/0x1c40
[ 3438.970998]  ? blkpg_ioctl+0xa90/0xa90
[ 3438.974889]  ? find_held_lock+0x35/0x130
[ 3438.978954]  ? debug_check_no_obj_freed+0x200/0x464
[ 3438.983985]  ? kasan_check_read+0x11/0x20
[ 3438.988133]  ? __fget+0x340/0x540
[ 3438.991579]  ? find_held_lock+0x35/0x130
[ 3438.995631]  ? __fget+0x340/0x540
[ 3438.999077]  block_ioctl+0xee/0x130
[ 3439.002691]  ? blkdev_fallocate+0x410/0x410
[ 3439.007013]  do_vfs_ioctl+0xd6e/0x1390
[ 3439.010902]  ? ioctl_preallocate+0x210/0x210
[ 3439.015306]  ? __fget+0x367/0x540
[ 3439.018753]  ? iterate_fd+0x360/0x360
[ 3439.022544]  ? do_sys_open+0x31d/0x5d0
[ 3439.026445]  ? security_file_ioctl+0x93/0xc0
[ 3439.030853]  ksys_ioctl+0xab/0xd0
[ 3439.034315]  __x64_sys_ioctl+0x73/0xb0
[ 3439.038218]  do_syscall_64+0x103/0x610
[ 3439.042103]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3439.047285] RIP: 0033:0x457ca7
[ 3439.050472] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3439.069364] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
18:27:07 executing program 3 (fault-call:2 fault-nth:9):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3439.077063] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3439.084328] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3439.091598] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3439.098857] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3439.106127] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3439.149985] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3439.178005] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3439.183841] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:07 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:07 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xe00000000000000}, 0x0)

18:27:07 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x1000000000000000}, 0x0)

[ 3439.184650] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3439.278204] FAULT_INJECTION: forcing a failure.
[ 3439.278204] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.302653] CPU: 0 PID: 6432 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
18:27:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:07 executing program 1 (fault-call:0 fault-nth:11):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3439.309791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3439.319146] Call Trace:
[ 3439.321746]  dump_stack+0x172/0x1f0
[ 3439.325385]  should_fail.cold+0xa/0x1b
[ 3439.329295]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3439.334404]  ? lock_downgrade+0x810/0x810
[ 3439.338553]  ? ___might_sleep+0x163/0x280
[ 3439.342698]  __should_failslab+0x121/0x190
[ 3439.346930]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3439.351693]  should_failslab+0x9/0x14
[ 3439.355493]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3439.360152]  ? lockdep_init_map+0x10c/0x5b0
[ 3439.364478]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3439.369226]  __kthread_create_on_node+0xf2/0x460
[ 3439.373968]  ? lock_acquire+0x16f/0x3f0
[ 3439.377943]  ? kthread_parkme+0xb0/0xb0
[ 3439.381920]  ? mutex_trylock+0x1e0/0x1e0
[ 3439.385972]  ? loop_info64_to_compat+0x6d0/0x6d0
[ 3439.390834]  kthread_create_on_node+0xbb/0xf0
[ 3439.395318]  ? __kthread_create_on_node+0x460/0x460
[ 3439.400335]  ? lockdep_init_map+0x10c/0x5b0
[ 3439.404648]  ? lockdep_init_map+0x10c/0x5b0
[ 3439.408966]  lo_ioctl+0xafb/0x20d0
[ 3439.412501]  ? lo_rw_aio+0x1530/0x1530
[ 3439.416394]  blkdev_ioctl+0xee8/0x1c40
[ 3439.420284]  ? blkpg_ioctl+0xa90/0xa90
[ 3439.424176]  ? find_held_lock+0x35/0x130
[ 3439.428236]  ? debug_check_no_obj_freed+0x200/0x464
[ 3439.433245]  ? kasan_check_read+0x11/0x20
[ 3439.437383]  ? __fget+0x340/0x540
[ 3439.440828]  ? find_held_lock+0x35/0x130
[ 3439.444877]  ? __fget+0x340/0x540
[ 3439.448322]  block_ioctl+0xee/0x130
[ 3439.451936]  ? blkdev_fallocate+0x410/0x410
[ 3439.456310]  do_vfs_ioctl+0xd6e/0x1390
[ 3439.460202]  ? ioctl_preallocate+0x210/0x210
[ 3439.464605]  ? __fget+0x367/0x540
[ 3439.468050]  ? iterate_fd+0x360/0x360
[ 3439.471842]  ? do_sys_open+0x31d/0x5d0
[ 3439.475726]  ? security_file_ioctl+0x93/0xc0
[ 3439.480127]  ksys_ioctl+0xab/0xd0
[ 3439.483572]  __x64_sys_ioctl+0x73/0xb0
[ 3439.487451]  do_syscall_64+0x103/0x610
[ 3439.491333]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3439.496508] RIP: 0033:0x457ca7
[ 3439.499689] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3439.518577] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3439.526269] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3439.533526] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[ 3439.540788] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3439.548043] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006
[ 3439.555300] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3439.620368] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3439.621197] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:08 executing program 3 (fault-call:2 fault-nth:10):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3439.659241] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:08 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf00000000000000}, 0x0)

18:27:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3439.706751] FAULT_INJECTION: forcing a failure.
[ 3439.706751] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.718907] CPU: 0 PID: 6461 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3439.726015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3439.735372] Call Trace:
[ 3439.737978]  dump_stack+0x172/0x1f0
[ 3439.741619]  should_fail.cold+0xa/0x1b
[ 3439.745517]  ? kernel_text_address+0x73/0xf0
[ 3439.749943]  ? fault_create_debugfs_attr+0x1e0/0x1e0
18:27:08 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x2000000000000000}, 0x0)

[ 3439.755064]  ? unwind_get_return_address+0x61/0xa0
[ 3439.760006]  ? __save_stack_trace+0x8a/0xf0
[ 3439.764351]  __should_failslab+0x121/0x190
[ 3439.768600]  should_failslab+0x9/0x14
[ 3439.772414]  kmem_cache_alloc+0x47/0x710
[ 3439.776476]  ? save_stack+0xa9/0xd0
[ 3439.780107]  ? save_stack+0x45/0xd0
[ 3439.783726]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3439.788821]  ? kasan_slab_alloc+0xf/0x20
[ 3439.792879]  radix_tree_node_alloc.constprop.0+0x1eb/0x340
[ 3439.798498]  idr_get_free+0x425/0x8d0
[ 3439.802297]  idr_alloc_u32+0x19e/0x330
[ 3439.806185]  ? __fprop_inc_percpu_max+0x230/0x230
[ 3439.811026]  ? __lock_is_held+0xb6/0x140
[ 3439.815078]  ? check_preemption_disabled+0x48/0x290
[ 3439.820084]  idr_alloc_cyclic+0x132/0x270
[ 3439.824225]  ? idr_alloc+0x150/0x150
[ 3439.827936]  __kernfs_new_node+0x171/0x690
[ 3439.832185]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3439.836932]  ? __lock_acquire+0x53b/0x4700
[ 3439.841168]  ? _raw_spin_unlock_irq+0x5e/0x90
[ 3439.845653]  ? __schedule+0x1387/0x1cc0
[ 3439.849626]  kernfs_new_node+0x99/0x130
[ 3439.853595]  kernfs_create_dir_ns+0x52/0x160
[ 3439.858005]  internal_create_group+0x7f8/0xc40
[ 3439.862582]  ? bd_set_size+0x89/0xb0
[ 3439.866293]  ? remove_files.isra.0+0x190/0x190
[ 3439.870873]  sysfs_create_group+0x20/0x30
[ 3439.875015]  lo_ioctl+0xf8f/0x20d0
[ 3439.878548]  ? lo_rw_aio+0x1530/0x1530
[ 3439.882443]  blkdev_ioctl+0xee8/0x1c40
[ 3439.886324]  ? blkpg_ioctl+0xa90/0xa90
[ 3439.890212]  ? find_held_lock+0x35/0x130
[ 3439.894270]  ? debug_check_no_obj_freed+0x200/0x464
[ 3439.899275]  ? kasan_check_read+0x11/0x20
[ 3439.903422]  ? __fget+0x340/0x540
[ 3439.906877]  ? find_held_lock+0x35/0x130
[ 3439.910930]  ? __fget+0x340/0x540
[ 3439.914375]  block_ioctl+0xee/0x130
[ 3439.918004]  ? blkdev_fallocate+0x410/0x410
[ 3439.922326]  do_vfs_ioctl+0xd6e/0x1390
[ 3439.926207]  ? ioctl_preallocate+0x210/0x210
[ 3439.930605]  ? __fget+0x367/0x540
[ 3439.934050]  ? iterate_fd+0x360/0x360
[ 3439.937839]  ? do_sys_open+0x31d/0x5d0
[ 3439.941721]  ? security_file_ioctl+0x93/0xc0
[ 3439.946138]  ksys_ioctl+0xab/0xd0
[ 3439.949582]  __x64_sys_ioctl+0x73/0xb0
[ 3439.953465]  do_syscall_64+0x103/0x610
[ 3439.957346]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3439.962525] RIP: 0033:0x457ca7
[ 3439.965706] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3439.984596] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3439.992290] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3439.999553] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
18:27:08 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3440.006821] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3440.014086] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3440.021376] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3440.035378] FAULT_INJECTION: forcing a failure.
[ 3440.035378] name failslab, interval 1, probability 0, space 0, times 0
[ 3440.053311] CPU: 0 PID: 6465 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3440.060418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3440.069770] Call Trace:
[ 3440.072366]  dump_stack+0x172/0x1f0
[ 3440.075997]  should_fail.cold+0xa/0x1b
[ 3440.079881]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3440.084978]  ? lock_downgrade+0x810/0x810
[ 3440.089133]  ? ___might_sleep+0x163/0x280
[ 3440.093278]  __should_failslab+0x121/0x190
[ 3440.097512]  should_failslab+0x9/0x14
[ 3440.101394]  kmem_cache_alloc+0x2be/0x710
[ 3440.105539]  ? __schedule+0x1387/0x1cc0
[ 3440.109517]  __kernfs_new_node+0xef/0x690
[ 3440.113657]  ? _raw_spin_unlock_irq+0x28/0x90
[ 3440.118168]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3440.122917]  ? __lock_acquire+0x53b/0x4700
[ 3440.127165]  ? _raw_spin_unlock_irq+0x5e/0x90
[ 3440.131655]  ? __schedule+0x1387/0x1cc0
[ 3440.135630]  kernfs_new_node+0x99/0x130
[ 3440.139599]  kernfs_create_dir_ns+0x52/0x160
[ 3440.144006]  internal_create_group+0x7f8/0xc40
[ 3440.148582]  ? bd_set_size+0x89/0xb0
[ 3440.152296]  ? remove_files.isra.0+0x190/0x190
[ 3440.156884]  sysfs_create_group+0x20/0x30
[ 3440.161025]  lo_ioctl+0xf8f/0x20d0
[ 3440.164564]  ? lo_rw_aio+0x1530/0x1530
[ 3440.168449]  blkdev_ioctl+0xee8/0x1c40
[ 3440.172334]  ? blkpg_ioctl+0xa90/0xa90
[ 3440.176215]  ? find_held_lock+0x35/0x130
[ 3440.180274]  ? debug_check_no_obj_freed+0x200/0x464
[ 3440.185283]  ? kasan_check_read+0x11/0x20
[ 3440.189426]  ? __fget+0x340/0x540
[ 3440.192873]  ? find_held_lock+0x35/0x130
[ 3440.196927]  ? __fget+0x340/0x540
[ 3440.200381]  block_ioctl+0xee/0x130
[ 3440.203999]  ? blkdev_fallocate+0x410/0x410
[ 3440.208312]  do_vfs_ioctl+0xd6e/0x1390
[ 3440.212197]  ? ioctl_preallocate+0x210/0x210
[ 3440.216600]  ? __fget+0x367/0x540
[ 3440.220049]  ? iterate_fd+0x360/0x360
[ 3440.223842]  ? do_sys_open+0x31d/0x5d0
[ 3440.227731]  ? security_file_ioctl+0x93/0xc0
[ 3440.232175]  ksys_ioctl+0xab/0xd0
[ 3440.235625]  __x64_sys_ioctl+0x73/0xb0
[ 3440.239509]  do_syscall_64+0x103/0x610
[ 3440.243400]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3440.248587] RIP: 0033:0x457ca7
[ 3440.251771] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3440.270663] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3440.278369] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3440.285633] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[ 3440.292893] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3440.300155] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006
[ 3440.307415] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
[ 3440.318007] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3440.379206] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3440.414532] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:08 executing program 1 (fault-call:0 fault-nth:12):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:08 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x1000000000000000}, 0x0)

[ 3440.415473] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3440.436605] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:08 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:08 executing program 3 (fault-call:2 fault-nth:11):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x4800000000000000}, 0x0)

[ 3440.578606] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3440.581785] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3440.582999] FAULT_INJECTION: forcing a failure.
[ 3440.582999] name failslab, interval 1, probability 0, space 0, times 0
[ 3440.628144] CPU: 1 PID: 6497 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3440.635277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3440.644633] Call Trace:
[ 3440.647236]  dump_stack+0x172/0x1f0
[ 3440.650864]  should_fail.cold+0xa/0x1b
[ 3440.654757]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3440.659858]  ? lock_downgrade+0x810/0x810
[ 3440.664015]  ? ___might_sleep+0x163/0x280
[ 3440.668166]  __should_failslab+0x121/0x190
[ 3440.672394]  should_failslab+0x9/0x14
[ 3440.676196]  kmem_cache_alloc+0x2be/0x710
[ 3440.680345]  ? find_held_lock+0x35/0x130
[ 3440.684404]  ? kernfs_activate+0x192/0x1f0
[ 3440.688641]  __kernfs_new_node+0xef/0x690
[ 3440.692797]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3440.697551]  ? lock_downgrade+0x810/0x810
[ 3440.701689]  ? kasan_check_write+0x14/0x20
[ 3440.705918]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 3440.710751]  ? wait_for_completion+0x440/0x440
[ 3440.715336]  kernfs_new_node+0x99/0x130
[ 3440.719313]  __kernfs_create_file+0x51/0x340
[ 3440.723728]  sysfs_add_file_mode_ns+0x222/0x560
[ 3440.728402]  internal_create_group+0x35b/0xc40
[ 3440.732971]  ? bd_set_size+0x89/0xb0
[ 3440.736692]  ? remove_files.isra.0+0x190/0x190
[ 3440.741277]  sysfs_create_group+0x20/0x30
[ 3440.745419]  lo_ioctl+0xf8f/0x20d0
[ 3440.748952]  ? lo_rw_aio+0x1530/0x1530
[ 3440.752838]  blkdev_ioctl+0xee8/0x1c40
[ 3440.756742]  ? blkpg_ioctl+0xa90/0xa90
[ 3440.760620]  ? find_held_lock+0x35/0x130
[ 3440.764686]  ? debug_check_no_obj_freed+0x200/0x464
[ 3440.769702]  ? kasan_check_read+0x11/0x20
[ 3440.773854]  ? __fget+0x340/0x540
[ 3440.777308]  ? find_held_lock+0x35/0x130
[ 3440.781364]  ? __fget+0x340/0x540
[ 3440.784825]  block_ioctl+0xee/0x130
[ 3440.788450]  ? blkdev_fallocate+0x410/0x410
[ 3440.792776]  do_vfs_ioctl+0xd6e/0x1390
[ 3440.796676]  ? ioctl_preallocate+0x210/0x210
[ 3440.801106]  ? __fget+0x367/0x540
[ 3440.804560]  ? iterate_fd+0x360/0x360
[ 3440.808362]  ? do_sys_open+0x31d/0x5d0
[ 3440.812244]  ? security_file_ioctl+0x93/0xc0
[ 3440.816655]  ksys_ioctl+0xab/0xd0
[ 3440.820113]  __x64_sys_ioctl+0x73/0xb0
[ 3440.824003]  do_syscall_64+0x103/0x610
[ 3440.827892]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3440.833084] RIP: 0033:0x457ca7
[ 3440.836272] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3440.855179] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3440.862896] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3440.870169] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
18:27:09 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\a\xff\xff\xfe', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:09 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x1b39000000000000}, 0x0)

[ 3440.877430] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3440.884696] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3440.891962] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3440.932534] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3440.944706] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3440.951340] FAULT_INJECTION: forcing a failure.
[ 3440.951340] name failslab, interval 1, probability 0, space 0, times 0
[ 3440.962661] CPU: 1 PID: 6503 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3440.969772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3440.979136] Call Trace:
[ 3440.981737]  dump_stack+0x172/0x1f0
[ 3440.985383]  should_fail.cold+0xa/0x1b
[ 3440.989281]  ? kernel_text_address+0x73/0xf0
[ 3440.993705]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3440.998829]  ? unwind_get_return_address+0x61/0xa0
[ 3441.003771]  ? __save_stack_trace+0x8a/0xf0
[ 3441.008118]  __should_failslab+0x121/0x190
[ 3441.012369]  should_failslab+0x9/0x14
[ 3441.016185]  kmem_cache_alloc+0x47/0x710
[ 3441.020256]  ? save_stack+0xa9/0xd0
[ 3441.023894]  ? save_stack+0x45/0xd0
[ 3441.027530]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
18:27:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x4c00000000000000}, 0x0)

18:27:09 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x3f00000000000000}, 0x0)

18:27:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3441.032639]  ? kasan_slab_alloc+0xf/0x20
[ 3441.036722]  radix_tree_node_alloc.constprop.0+0x1eb/0x340
[ 3441.042362]  idr_get_free+0x425/0x8d0
[ 3441.046187]  idr_alloc_u32+0x19e/0x330
[ 3441.050103]  ? __fprop_inc_percpu_max+0x230/0x230
[ 3441.054962]  ? __lock_is_held+0xb6/0x140
[ 3441.059043]  ? check_preemption_disabled+0x48/0x290
[ 3441.064087]  idr_alloc_cyclic+0x132/0x270
[ 3441.068247]  ? idr_alloc+0x150/0x150
[ 3441.071983]  __kernfs_new_node+0x171/0x690
[ 3441.076227]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3441.080976]  ? __lock_acquire+0x53b/0x4700
[ 3441.085225]  kernfs_new_node+0x99/0x130
[ 3441.089202]  kernfs_create_dir_ns+0x52/0x160
[ 3441.093615]  internal_create_group+0x7f8/0xc40
[ 3441.098197]  ? bd_set_size+0x89/0xb0
[ 3441.101905]  ? remove_files.isra.0+0x190/0x190
[ 3441.106500]  sysfs_create_group+0x20/0x30
[ 3441.110652]  lo_ioctl+0xf8f/0x20d0
[ 3441.114200]  ? lo_rw_aio+0x1530/0x1530
[ 3441.118090]  blkdev_ioctl+0xee8/0x1c40
[ 3441.121969]  ? blkpg_ioctl+0xa90/0xa90
[ 3441.125858]  ? find_held_lock+0x35/0x130
[ 3441.129921]  ? debug_check_no_obj_freed+0x200/0x464
[ 3441.134929]  ? kasan_check_read+0x11/0x20
[ 3441.139071]  ? __fget+0x340/0x540
[ 3441.142515]  ? find_held_lock+0x35/0x130
[ 3441.146580]  ? __fget+0x340/0x540
[ 3441.150050]  block_ioctl+0xee/0x130
[ 3441.153675]  ? blkdev_fallocate+0x410/0x410
[ 3441.157998]  do_vfs_ioctl+0xd6e/0x1390
[ 3441.161893]  ? ioctl_preallocate+0x210/0x210
[ 3441.166297]  ? __fget+0x367/0x540
[ 3441.169749]  ? iterate_fd+0x360/0x360
[ 3441.173556]  ? do_sys_open+0x31d/0x5d0
[ 3441.177448]  ? security_file_ioctl+0x93/0xc0
[ 3441.181847]  ksys_ioctl+0xab/0xd0
[ 3441.185307]  __x64_sys_ioctl+0x73/0xb0
[ 3441.189208]  do_syscall_64+0x103/0x610
[ 3441.193099]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3441.198288] RIP: 0033:0x457ca7
[ 3441.201479] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3441.220367] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3441.228090] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3441.235359] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[ 3441.242622] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3441.249881] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006
[ 3441.257142] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
18:27:09 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3441.284221] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3441.287504] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3441.289532] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:09 executing program 1 (fault-call:0 fault-nth:13):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:09 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x6000000000000000}, 0x0)

18:27:09 executing program 3 (fault-call:2 fault-nth:12):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3441.426216] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3441.430489] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3441.442568] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:09 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6000000000000000}, 0x0)

18:27:09 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3441.567879] FAULT_INJECTION: forcing a failure.
[ 3441.567879] name failslab, interval 1, probability 0, space 0, times 0
[ 3441.579919] CPU: 1 PID: 6549 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3441.587112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3441.596544] Call Trace:
[ 3441.599129]  dump_stack+0x172/0x1f0
[ 3441.602765]  should_fail.cold+0xa/0x1b
[ 3441.606651]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3441.611758]  ? lock_downgrade+0x810/0x810
[ 3441.615915]  ? ___might_sleep+0x163/0x280
[ 3441.620069]  __should_failslab+0x121/0x190
[ 3441.624311]  should_failslab+0x9/0x14
[ 3441.628113]  kmem_cache_alloc+0x2be/0x710
[ 3441.632256]  ? lock_downgrade+0x810/0x810
[ 3441.636396]  ? kasan_check_read+0x11/0x20
[ 3441.640539]  __kernfs_new_node+0xef/0x690
[ 3441.644697]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3441.649455]  ? wait_for_completion+0x440/0x440
[ 3441.654048]  ? mutex_unlock+0xd/0x10
[ 3441.657773]  ? kernfs_activate+0x192/0x1f0
[ 3441.662028]  kernfs_new_node+0x99/0x130
[ 3441.666021]  __kernfs_create_file+0x51/0x340
[ 3441.670430]  sysfs_add_file_mode_ns+0x222/0x560
[ 3441.675108]  internal_create_group+0x35b/0xc40
[ 3441.679696]  ? bd_set_size+0x89/0xb0
[ 3441.683422]  ? remove_files.isra.0+0x190/0x190
[ 3441.688022]  sysfs_create_group+0x20/0x30
[ 3441.692176]  lo_ioctl+0xf8f/0x20d0
[ 3441.695738]  ? lo_rw_aio+0x1530/0x1530
[ 3441.699629]  blkdev_ioctl+0xee8/0x1c40
[ 3441.703517]  ? blkpg_ioctl+0xa90/0xa90
[ 3441.707408]  ? find_held_lock+0x35/0x130
[ 3441.711470]  ? debug_check_no_obj_freed+0x200/0x464
[ 3441.716488]  ? kasan_check_read+0x11/0x20
[ 3441.720629]  ? __fget+0x340/0x540
[ 3441.724081]  ? find_held_lock+0x35/0x130
[ 3441.728145]  ? __fget+0x340/0x540
[ 3441.731592]  block_ioctl+0xee/0x130
[ 3441.735220]  ? blkdev_fallocate+0x410/0x410
[ 3441.739540]  do_vfs_ioctl+0xd6e/0x1390
[ 3441.743549]  ? ioctl_preallocate+0x210/0x210
[ 3441.747956]  ? __fget+0x367/0x540
[ 3441.751429]  ? iterate_fd+0x360/0x360
[ 3441.755370]  ? do_sys_open+0x31d/0x5d0
[ 3441.759266]  ? security_file_ioctl+0x93/0xc0
[ 3441.763679]  ksys_ioctl+0xab/0xd0
[ 3441.767138]  __x64_sys_ioctl+0x73/0xb0
[ 3441.771029]  do_syscall_64+0x103/0x610
[ 3441.774927]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3441.780116] RIP: 0033:0x457ca7
[ 3441.783301] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3441.802331] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3441.810032] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
18:27:10 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x6558000000000000}, 0x0)

[ 3441.817291] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3441.824556] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3441.831827] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3441.839087] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3441.857143] FAULT_INJECTION: forcing a failure.
[ 3441.857143] name failslab, interval 1, probability 0, space 0, times 0
[ 3441.868944] CPU: 1 PID: 6547 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3441.871954] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3441.876080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3441.876086] Call Trace:
[ 3441.876111]  dump_stack+0x172/0x1f0
[ 3441.876133]  should_fail.cold+0xa/0x1b
[ 3441.876153]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3441.876169]  ? lock_downgrade+0x810/0x810
[ 3441.876188]  ? ___might_sleep+0x163/0x280
[ 3441.876211]  __should_failslab+0x121/0x190
[ 3441.876230]  should_failslab+0x9/0x14
[ 3441.876245]  kmem_cache_alloc+0x2be/0x710
[ 3441.876257]  ? find_held_lock+0x35/0x130
[ 3441.876272]  ? kernfs_activate+0x192/0x1f0
[ 3441.876293]  __kernfs_new_node+0xef/0x690
[ 3441.876313]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3441.876327]  ? lock_downgrade+0x810/0x810
[ 3441.952107]  ? kasan_check_write+0x14/0x20
[ 3441.956339]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 3441.961179]  ? wait_for_completion+0x440/0x440
[ 3441.965769]  kernfs_new_node+0x99/0x130
[ 3441.969750]  __kernfs_create_file+0x51/0x340
[ 3441.974153]  sysfs_add_file_mode_ns+0x222/0x560
[ 3441.978817]  internal_create_group+0x35b/0xc40
[ 3441.983401]  ? bd_set_size+0x89/0xb0
[ 3441.987137]  ? remove_files.isra.0+0x190/0x190
[ 3441.991727]  sysfs_create_group+0x20/0x30
[ 3441.995873]  lo_ioctl+0xf8f/0x20d0
[ 3441.999409]  ? lo_rw_aio+0x1530/0x1530
[ 3442.003294]  blkdev_ioctl+0xee8/0x1c40
[ 3442.007187]  ? blkpg_ioctl+0xa90/0xa90
[ 3442.011197]  ? find_held_lock+0x35/0x130
[ 3442.015261]  ? debug_check_no_obj_freed+0x200/0x464
[ 3442.020278]  ? kasan_check_read+0x11/0x20
[ 3442.024428]  ? __fget+0x340/0x540
[ 3442.027893]  ? find_held_lock+0x35/0x130
[ 3442.031970]  ? __fget+0x340/0x540
[ 3442.035414]  block_ioctl+0xee/0x130
[ 3442.039028]  ? blkdev_fallocate+0x410/0x410
[ 3442.043345]  do_vfs_ioctl+0xd6e/0x1390
[ 3442.047246]  ? ioctl_preallocate+0x210/0x210
[ 3442.051656]  ? __fget+0x367/0x540
[ 3442.055105]  ? iterate_fd+0x360/0x360
[ 3442.058894]  ? do_sys_open+0x31d/0x5d0
[ 3442.062778]  ? security_file_ioctl+0x93/0xc0
[ 3442.067194]  ksys_ioctl+0xab/0xd0
[ 3442.070647]  __x64_sys_ioctl+0x73/0xb0
[ 3442.074532]  do_syscall_64+0x103/0x610
[ 3442.078413]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3442.083596] RIP: 0033:0x457ca7
[ 3442.086795] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3442.105704] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3442.113420] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3442.120686] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[ 3442.127969] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3442.135236] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006
[ 3442.142494] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
18:27:10 executing program 1 (fault-call:0 fault-nth:14):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3442.221143] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3442.221997] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3442.230911] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3442.245445] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
18:27:10 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:10 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6558000000000000}, 0x0)

18:27:10 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x8100000000000000}, 0x0)

18:27:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:10 executing program 3 (fault-call:2 fault-nth:13):
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3442.352456] FAULT_INJECTION: forcing a failure.
[ 3442.352456] name failslab, interval 1, probability 0, space 0, times 0
[ 3442.385568] CPU: 1 PID: 6575 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3442.392242] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3442.392732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3442.398186] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3442.410417] Call Trace:
[ 3442.421346]  dump_stack+0x172/0x1f0
[ 3442.424972]  should_fail.cold+0xa/0x1b
[ 3442.428849]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3442.433962]  ? lock_downgrade+0x810/0x810
[ 3442.438122]  ? ___might_sleep+0x163/0x280
[ 3442.442269]  __should_failslab+0x121/0x190
[ 3442.446497]  should_failslab+0x9/0x14
[ 3442.450291]  kmem_cache_alloc+0x2be/0x710
[ 3442.454444]  ? lock_downgrade+0x810/0x810
[ 3442.458589]  ? kasan_check_read+0x11/0x20
[ 3442.462731]  __kernfs_new_node+0xef/0x690
[ 3442.466870]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3442.471618]  ? wait_for_completion+0x440/0x440
[ 3442.476206]  ? mutex_unlock+0xd/0x10
[ 3442.479929]  ? kernfs_activate+0x192/0x1f0
[ 3442.484156]  kernfs_new_node+0x99/0x130
[ 3442.488120]  __kernfs_create_file+0x51/0x340
[ 3442.492518]  sysfs_add_file_mode_ns+0x222/0x560
[ 3442.497192]  internal_create_group+0x35b/0xc40
[ 3442.501774]  ? bd_set_size+0x89/0xb0
[ 3442.505483]  ? remove_files.isra.0+0x190/0x190
[ 3442.510061]  sysfs_create_group+0x20/0x30
[ 3442.514210]  lo_ioctl+0xf8f/0x20d0
[ 3442.517766]  ? lo_rw_aio+0x1530/0x1530
[ 3442.521654]  blkdev_ioctl+0xee8/0x1c40
[ 3442.525536]  ? blkpg_ioctl+0xa90/0xa90
[ 3442.529411]  ? find_held_lock+0x35/0x130
[ 3442.533477]  ? debug_check_no_obj_freed+0x200/0x464
[ 3442.538497]  ? kasan_check_read+0x11/0x20
[ 3442.542642]  ? __fget+0x340/0x540
[ 3442.546088]  ? find_held_lock+0x35/0x130
[ 3442.550140]  ? __fget+0x340/0x540
[ 3442.553593]  block_ioctl+0xee/0x130
[ 3442.557227]  ? blkdev_fallocate+0x410/0x410
[ 3442.561548]  do_vfs_ioctl+0xd6e/0x1390
[ 3442.565427]  ? ioctl_preallocate+0x210/0x210
[ 3442.569821]  ? __fget+0x367/0x540
[ 3442.573267]  ? iterate_fd+0x360/0x360
[ 3442.577067]  ? do_sys_open+0x31d/0x5d0
[ 3442.580960]  ? security_file_ioctl+0x93/0xc0
[ 3442.585358]  ksys_ioctl+0xab/0xd0
[ 3442.588802]  __x64_sys_ioctl+0x73/0xb0
[ 3442.592684]  do_syscall_64+0x103/0x610
[ 3442.596576]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3442.601758] RIP: 0033:0x457ca7
[ 3442.604943] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3442.623831] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3442.631523] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3442.638779] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3442.646038] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
18:27:11 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3442.653293] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3442.660550] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:11 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6800000000000000}, 0x0)

18:27:11 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x88a8ffff00000000}, 0x0)

18:27:11 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3442.745641] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3442.751698] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3442.771835] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:11 executing program 1 (fault-call:0 fault-nth:15):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3442.772946] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3442.842725] FAULT_INJECTION: forcing a failure.
[ 3442.842725] name failslab, interval 1, probability 0, space 0, times 0
[ 3442.857903] CPU: 0 PID: 6596 Comm: syz-executor3 Not tainted 5.0.0-rc5+ #61
[ 3442.865029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3442.874385] Call Trace:
[ 3442.876966]  dump_stack+0x172/0x1f0
[ 3442.880583]  should_fail.cold+0xa/0x1b
[ 3442.884467]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3442.889561]  ? lock_downgrade+0x810/0x810
[ 3442.893703]  ? ___might_sleep+0x163/0x280
[ 3442.897843]  __should_failslab+0x121/0x190
[ 3442.902069]  should_failslab+0x9/0x14
[ 3442.905858]  kmem_cache_alloc+0x2be/0x710
[ 3442.910006]  ? lock_downgrade+0x810/0x810
[ 3442.914145]  ? kasan_check_read+0x11/0x20
[ 3442.918284]  __kernfs_new_node+0xef/0x690
[ 3442.922421]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3442.927184]  ? wait_for_completion+0x440/0x440
[ 3442.931759]  ? mutex_unlock+0xd/0x10
[ 3442.935462]  ? kernfs_activate+0x192/0x1f0
[ 3442.939685]  kernfs_new_node+0x99/0x130
[ 3442.943710]  __kernfs_create_file+0x51/0x340
[ 3442.948112]  sysfs_add_file_mode_ns+0x222/0x560
[ 3442.952775]  internal_create_group+0x35b/0xc40
[ 3442.957342]  ? bd_set_size+0x89/0xb0
[ 3442.961050]  ? remove_files.isra.0+0x190/0x190
[ 3442.965631]  sysfs_create_group+0x20/0x30
[ 3442.969777]  lo_ioctl+0xf8f/0x20d0
[ 3442.973317]  ? lo_rw_aio+0x1530/0x1530
[ 3442.977193]  blkdev_ioctl+0xee8/0x1c40
[ 3442.981070]  ? blkpg_ioctl+0xa90/0xa90
[ 3442.984947]  ? find_held_lock+0x35/0x130
[ 3442.988998]  ? debug_check_no_obj_freed+0x200/0x464
[ 3442.994004]  ? kasan_check_read+0x11/0x20
[ 3442.998144]  ? __fget+0x340/0x540
[ 3443.001644]  ? find_held_lock+0x35/0x130
[ 3443.005696]  ? __fget+0x340/0x540
[ 3443.009144]  block_ioctl+0xee/0x130
[ 3443.012758]  ? blkdev_fallocate+0x410/0x410
[ 3443.017069]  do_vfs_ioctl+0xd6e/0x1390
[ 3443.020944]  ? ioctl_preallocate+0x210/0x210
[ 3443.025338]  ? __fget+0x367/0x540
[ 3443.028780]  ? iterate_fd+0x360/0x360
[ 3443.032566]  ? do_sys_open+0x31d/0x5d0
[ 3443.036446]  ? security_file_ioctl+0x93/0xc0
[ 3443.040842]  ksys_ioctl+0xab/0xd0
[ 3443.044295]  __x64_sys_ioctl+0x73/0xb0
[ 3443.048173]  do_syscall_64+0x103/0x610
[ 3443.052050]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3443.057225] RIP: 0033:0x457ca7
[ 3443.060410] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3443.079299] RSP: 002b:00007f4fff5f2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3443.086996] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3443.094254] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007
[ 3443.101510] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3443.108764] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000006
[ 3443.116023] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000005
18:27:11 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x9effffff00000000}, 0x0)

[ 3443.196909] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3443.205493] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3443.216570] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3443.229358] FAULT_INJECTION: forcing a failure.
[ 3443.229358] name failslab, interval 1, probability 0, space 0, times 0
[ 3443.248565] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3443.254809] CPU: 1 PID: 6620 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3443.270284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3443.279640] Call Trace:
[ 3443.282244]  dump_stack+0x172/0x1f0
[ 3443.285909]  should_fail.cold+0xa/0x1b
[ 3443.289817]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3443.294956]  ? lock_downgrade+0x810/0x810
[ 3443.299119]  ? ___might_sleep+0x163/0x280
18:27:11 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:11 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x6c00000000000000}, 0x0)

[ 3443.303289]  __should_failslab+0x121/0x190
[ 3443.307537]  should_failslab+0x9/0x14
[ 3443.311347]  kmem_cache_alloc+0x2be/0x710
[ 3443.315496]  ? lock_downgrade+0x810/0x810
[ 3443.319633]  ? kasan_check_read+0x11/0x20
[ 3443.323786]  __kernfs_new_node+0xef/0x690
[ 3443.327936]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3443.332685]  ? wait_for_completion+0x440/0x440
[ 3443.337267]  ? mutex_unlock+0xd/0x10
[ 3443.340983]  ? kernfs_activate+0x192/0x1f0
[ 3443.345215]  kernfs_new_node+0x99/0x130
[ 3443.349185]  __kernfs_create_file+0x51/0x340
[ 3443.353588]  sysfs_add_file_mode_ns+0x222/0x560
[ 3443.358264]  internal_create_group+0x35b/0xc40
[ 3443.362849]  ? bd_set_size+0x89/0xb0
[ 3443.366561]  ? remove_files.isra.0+0x190/0x190
[ 3443.371139]  sysfs_create_group+0x20/0x30
[ 3443.375281]  lo_ioctl+0xf8f/0x20d0
[ 3443.378815]  ? lo_rw_aio+0x1530/0x1530
[ 3443.382711]  blkdev_ioctl+0xee8/0x1c40
[ 3443.386604]  ? blkpg_ioctl+0xa90/0xa90
[ 3443.390490]  ? find_held_lock+0x35/0x130
[ 3443.394554]  ? debug_check_no_obj_freed+0x200/0x464
[ 3443.399571]  ? kasan_check_read+0x11/0x20
[ 3443.403909]  ? __fget+0x340/0x540
[ 3443.407364]  ? find_held_lock+0x35/0x130
[ 3443.411417]  ? __fget+0x340/0x540
[ 3443.414876]  block_ioctl+0xee/0x130
[ 3443.418495]  ? blkdev_fallocate+0x410/0x410
[ 3443.422824]  do_vfs_ioctl+0xd6e/0x1390
[ 3443.426743]  ? ioctl_preallocate+0x210/0x210
[ 3443.431145]  ? __fget+0x367/0x540
[ 3443.434599]  ? iterate_fd+0x360/0x360
[ 3443.438395]  ? do_sys_open+0x31d/0x5d0
[ 3443.442289]  ? security_file_ioctl+0x93/0xc0
[ 3443.446779]  ksys_ioctl+0xab/0xd0
[ 3443.450240]  __x64_sys_ioctl+0x73/0xb0
[ 3443.454138]  do_syscall_64+0x103/0x610
[ 3443.458023]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3443.463201] RIP: 0033:0x457ca7
[ 3443.466397] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3443.485302] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3443.493008] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3443.500269] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3443.507526] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3443.514783] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3443.522041] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:11 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xf0ffffff00000000}, 0x0)

18:27:12 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3443.634706] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3443.636614] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3443.664703] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:12 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x7400000000000000}, 0x0)

18:27:12 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xffffff7f00000000}, 0x0)

[ 3443.665487] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:12 executing program 1 (fault-call:0 fault-nth:16):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3443.826211] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3
[ 3443.903880] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3443.911411] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3443.913002] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3443.935542] FAULT_INJECTION: forcing a failure.
18:27:12 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xffffffff00000000}, 0x0)

18:27:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x7a00000000000000}, 0x0)

[ 3443.935542] name failslab, interval 1, probability 0, space 0, times 0
[ 3443.955255] CPU: 0 PID: 6669 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3443.962362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3443.971720] Call Trace:
[ 3443.974325]  dump_stack+0x172/0x1f0
[ 3443.977976]  should_fail.cold+0xa/0x1b
[ 3443.981883]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3443.987004]  ? lock_downgrade+0x810/0x810
[ 3443.991167]  ? ___might_sleep+0x163/0x280
[ 3443.995333]  __should_failslab+0x121/0x190
[ 3443.999580]  should_failslab+0x9/0x14
18:27:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:12 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3444.003389]  kmem_cache_alloc+0x2be/0x710
[ 3444.007554]  ? lock_downgrade+0x810/0x810
[ 3444.011709]  ? kasan_check_read+0x11/0x20
[ 3444.015881]  __kernfs_new_node+0xef/0x690
[ 3444.020056]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3444.024847]  ? wait_for_completion+0x440/0x440
[ 3444.029437]  ? mutex_unlock+0xd/0x10
[ 3444.033146]  ? kernfs_activate+0x192/0x1f0
[ 3444.037376]  kernfs_new_node+0x99/0x130
[ 3444.041343]  __kernfs_create_file+0x51/0x340
[ 3444.045746]  sysfs_add_file_mode_ns+0x222/0x560
[ 3444.050411]  internal_create_group+0x35b/0xc40
[ 3444.054986]  ? bd_set_size+0x89/0xb0
[ 3444.058724]  ? remove_files.isra.0+0x190/0x190
[ 3444.063315]  sysfs_create_group+0x20/0x30
[ 3444.067455]  lo_ioctl+0xf8f/0x20d0
[ 3444.070990]  ? lo_rw_aio+0x1530/0x1530
[ 3444.074873]  blkdev_ioctl+0xee8/0x1c40
[ 3444.078753]  ? blkpg_ioctl+0xa90/0xa90
[ 3444.082647]  ? find_held_lock+0x35/0x130
[ 3444.086697]  ? debug_check_no_obj_freed+0x200/0x464
[ 3444.091703]  ? kasan_check_read+0x11/0x20
[ 3444.095842]  ? __fget+0x340/0x540
[ 3444.099286]  ? find_held_lock+0x35/0x130
[ 3444.103340]  ? __fget+0x340/0x540
[ 3444.106798]  block_ioctl+0xee/0x130
[ 3444.110412]  ? blkdev_fallocate+0x410/0x410
[ 3444.114726]  do_vfs_ioctl+0xd6e/0x1390
[ 3444.118606]  ? ioctl_preallocate+0x210/0x210
[ 3444.123006]  ? __fget+0x367/0x540
[ 3444.126451]  ? iterate_fd+0x360/0x360
[ 3444.130241]  ? do_sys_open+0x31d/0x5d0
[ 3444.134123]  ? security_file_ioctl+0x93/0xc0
[ 3444.138524]  ksys_ioctl+0xab/0xd0
[ 3444.141971]  __x64_sys_ioctl+0x73/0xb0
[ 3444.145854]  do_syscall_64+0x103/0x610
[ 3444.149742]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3444.154922] RIP: 0033:0x457ca7
[ 3444.158263] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3444.177152] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3444.184846] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3444.192103] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3444.199449] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3444.206706] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3444.213963] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3444.321117] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:12 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='\neiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:12 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0xfffffffffffff000}, 0x0)

[ 3444.366117] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3444.383901] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3444.392403] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:12 executing program 1 (fault-call:0 fault-nth:17):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:12 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:12 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x8100000000000000}, 0x0)

18:27:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3444.600254] FAULT_INJECTION: forcing a failure.
[ 3444.600254] name failslab, interval 1, probability 0, space 0, times 0
[ 3444.611713] CPU: 1 PID: 6713 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3444.618843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3444.628204] Call Trace:
[ 3444.630808]  dump_stack+0x172/0x1f0
[ 3444.634454]  should_fail.cold+0xa/0x1b
[ 3444.638356]  ? kernel_text_address+0x73/0xf0
18:27:12 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x2}, 0x0)

18:27:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:13 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3444.639829] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3444.640658] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3444.642794]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3444.664551]  ? unwind_get_return_address+0x61/0xa0
[ 3444.669500]  ? __save_stack_trace+0x8a/0xf0
[ 3444.673840]  __should_failslab+0x121/0x190
[ 3444.678089]  should_failslab+0x9/0x14
[ 3444.681901]  kmem_cache_alloc+0x47/0x710
[ 3444.685975]  ? save_stack+0xa9/0xd0
[ 3444.689608]  ? save_stack+0x45/0xd0
[ 3444.693234]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3444.698334]  ? kasan_slab_alloc+0xf/0x20
[ 3444.702403]  radix_tree_node_alloc.constprop.0+0x1eb/0x340
[ 3444.708042]  idr_get_free+0x425/0x8d0
[ 3444.711849]  idr_alloc_u32+0x19e/0x330
[ 3444.715759]  ? __fprop_inc_percpu_max+0x230/0x230
[ 3444.720606]  ? __lock_is_held+0xb6/0x140
[ 3444.724672]  ? check_preemption_disabled+0x48/0x290
[ 3444.729690]  idr_alloc_cyclic+0x132/0x270
[ 3444.733850]  ? idr_alloc+0x150/0x150
[ 3444.737584]  __kernfs_new_node+0x171/0x690
[ 3444.741826]  ? kernfs_dop_revalidate+0x3c0/0x3c0
[ 3444.746591]  ? wait_for_completion+0x440/0x440
[ 3444.751191]  ? mutex_unlock+0xd/0x10
[ 3444.754907]  ? kernfs_activate+0x192/0x1f0
[ 3444.759150]  kernfs_new_node+0x99/0x130
[ 3444.763120]  __kernfs_create_file+0x51/0x340
[ 3444.767522]  sysfs_add_file_mode_ns+0x222/0x560
[ 3444.772188]  internal_create_group+0x35b/0xc40
[ 3444.776786]  ? bd_set_size+0x89/0xb0
[ 3444.780508]  ? remove_files.isra.0+0x190/0x190
[ 3444.785101]  sysfs_create_group+0x20/0x30
[ 3444.789249]  lo_ioctl+0xf8f/0x20d0
[ 3444.792797]  ? lo_rw_aio+0x1530/0x1530
[ 3444.796699]  blkdev_ioctl+0xee8/0x1c40
[ 3444.800604]  ? blkpg_ioctl+0xa90/0xa90
[ 3444.804505]  ? find_held_lock+0x35/0x130
[ 3444.808579]  ? debug_check_no_obj_freed+0x200/0x464
[ 3444.813608]  ? kasan_check_read+0x11/0x20
[ 3444.817774]  ? __fget+0x340/0x540
[ 3444.821219]  ? find_held_lock+0x35/0x130
[ 3444.825273]  ? __fget+0x340/0x540
[ 3444.828734]  block_ioctl+0xee/0x130
[ 3444.832357]  ? blkdev_fallocate+0x410/0x410
[ 3444.836690]  do_vfs_ioctl+0xd6e/0x1390
[ 3444.840593]  ? ioctl_preallocate+0x210/0x210
[ 3444.845000]  ? __fget+0x367/0x540
[ 3444.848456]  ? iterate_fd+0x360/0x360
[ 3444.852254]  ? do_sys_open+0x31d/0x5d0
[ 3444.856153]  ? security_file_ioctl+0x93/0xc0
[ 3444.860564]  ksys_ioctl+0xab/0xd0
[ 3444.864024]  __x64_sys_ioctl+0x73/0xb0
[ 3444.867915]  do_syscall_64+0x103/0x610
[ 3444.871795]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3444.876978] RIP: 0033:0x457ca7
[ 3444.880179] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3444.899080] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3444.906782] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3444.914056] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3444.921324] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3444.928693] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3444.935974] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:13 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x88a8ffff00000000}, 0x0)

[ 3445.014531] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3445.033544] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:13 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:13 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='%eiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3445.044207] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3445.099187] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:13 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x3}, 0x0)

18:27:13 executing program 1 (fault-call:0 fault-nth:18):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:13 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x9effffff00000000}, 0x0)

[ 3445.265824] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3445.266566] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3445.326323] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:13 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3445.382135] FAULT_INJECTION: forcing a failure.
[ 3445.382135] name failslab, interval 1, probability 0, space 0, times 0
[ 3445.400105] CPU: 0 PID: 6767 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3445.407516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3445.416866] Call Trace:
[ 3445.419452]  dump_stack+0x172/0x1f0
[ 3445.423164]  should_fail.cold+0xa/0x1b
[ 3445.427049]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3445.432147]  ? lock_downgrade+0x810/0x810
[ 3445.436287]  ? ___might_sleep+0x163/0x280
[ 3445.440429]  __should_failslab+0x121/0x190
[ 3445.444682]  should_failslab+0x9/0x14
[ 3445.448484]  __kmalloc+0x2dc/0x740
[ 3445.452018]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3445.457457]  ? rcu_read_lock_sched_held+0x110/0x130
[ 3445.462461]  ? kobject_get_path+0xc4/0x1b0
[ 3445.466700]  kobject_get_path+0xc4/0x1b0
[ 3445.470753]  kobject_uevent_env+0x31f/0x1030
[ 3445.475154]  kobject_uevent+0x20/0x26
[ 3445.478948]  lo_ioctl+0x100b/0x20d0
[ 3445.482568]  ? lo_rw_aio+0x1530/0x1530
[ 3445.486447]  blkdev_ioctl+0xee8/0x1c40
[ 3445.490324]  ? blkpg_ioctl+0xa90/0xa90
[ 3445.494212]  ? find_held_lock+0x35/0x130
[ 3445.498273]  ? debug_check_no_obj_freed+0x200/0x464
[ 3445.503284]  ? kasan_check_read+0x11/0x20
[ 3445.507426]  ? __fget+0x340/0x540
[ 3445.510867]  ? find_held_lock+0x35/0x130
[ 3445.514922]  ? __fget+0x340/0x540
[ 3445.518435]  block_ioctl+0xee/0x130
[ 3445.522051]  ? blkdev_fallocate+0x410/0x410
[ 3445.526364]  do_vfs_ioctl+0xd6e/0x1390
[ 3445.530250]  ? ioctl_preallocate+0x210/0x210
[ 3445.534688]  ? __fget+0x367/0x540
[ 3445.538147]  ? iterate_fd+0x360/0x360
[ 3445.542032]  ? do_sys_open+0x31d/0x5d0
[ 3445.545933]  ? security_file_ioctl+0x93/0xc0
[ 3445.550340]  ksys_ioctl+0xab/0xd0
[ 3445.553792]  __x64_sys_ioctl+0x73/0xb0
[ 3445.557981]  do_syscall_64+0x103/0x610
[ 3445.561864]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3445.567044] RIP: 0033:0x457ca7
18:27:14 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

18:27:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:14 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xf0ffffff00000000}, 0x0)

[ 3445.570224] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3445.589326] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3445.597022] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3445.604281] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3445.611541] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3445.618802] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3445.626061] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3445.655026] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3445.666088] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3445.666848] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:14 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:14 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6}, 0x0)

[ 3445.763559] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:14 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xfe01000000000000}, 0x0)

18:27:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:14 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='r\niserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:14 executing program 1 (fault-call:0 fault-nth:19):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3445.846920] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3445.850218] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:14 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x0)

18:27:14 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3445.939579] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3446.017913] FAULT_INJECTION: forcing a failure.
[ 3446.017913] name failslab, interval 1, probability 0, space 0, times 0
[ 3446.033573] CPU: 1 PID: 6814 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3446.040730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3446.050085] Call Trace:
[ 3446.052689]  dump_stack+0x172/0x1f0
[ 3446.056335]  should_fail.cold+0xa/0x1b
[ 3446.060242]  ? fault_create_debugfs_attr+0x1e0/0x1e0
18:27:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:14 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xa}, 0x0)

[ 3446.065361]  ? lock_downgrade+0x810/0x810
[ 3446.069525]  ? ___might_sleep+0x163/0x280
[ 3446.073693]  __should_failslab+0x121/0x190
[ 3446.077939]  should_failslab+0x9/0x14
[ 3446.081747]  __kmalloc+0x2dc/0x740
[ 3446.085299]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3446.090753]  ? rcu_read_lock_sched_held+0x110/0x130
[ 3446.095775]  ? kobject_get_path+0xc4/0x1b0
[ 3446.100100]  kobject_get_path+0xc4/0x1b0
[ 3446.104156]  kobject_uevent_env+0x31f/0x1030
[ 3446.108560]  kobject_uevent+0x20/0x26
[ 3446.112352]  lo_ioctl+0x100b/0x20d0
[ 3446.115991]  ? lo_rw_aio+0x1530/0x1530
[ 3446.119884]  blkdev_ioctl+0xee8/0x1c40
[ 3446.123767]  ? blkpg_ioctl+0xa90/0xa90
[ 3446.127661]  ? find_held_lock+0x35/0x130
[ 3446.131725]  ? debug_check_no_obj_freed+0x200/0x464
[ 3446.136747]  ? kasan_check_read+0x11/0x20
[ 3446.140897]  ? __fget+0x340/0x540
[ 3446.144351]  ? find_held_lock+0x35/0x130
[ 3446.148407]  ? __fget+0x340/0x540
[ 3446.151852]  block_ioctl+0xee/0x130
[ 3446.155479]  ? blkdev_fallocate+0x410/0x410
[ 3446.159809]  do_vfs_ioctl+0xd6e/0x1390
[ 3446.163697]  ? ioctl_preallocate+0x210/0x210
[ 3446.168093]  ? __fget+0x367/0x540
[ 3446.171536]  ? iterate_fd+0x360/0x360
[ 3446.175339]  ? do_sys_open+0x31d/0x5d0
[ 3446.179239]  ? security_file_ioctl+0x93/0xc0
[ 3446.183681]  ksys_ioctl+0xab/0xd0
[ 3446.187152]  __x64_sys_ioctl+0x73/0xb0
[ 3446.191036]  do_syscall_64+0x103/0x610
[ 3446.194927]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3446.200113] RIP: 0033:0x457ca7
18:27:14 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xffffff7f00000000}, 0x0)

[ 3446.203296] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3446.222186] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3446.229882] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3446.237150] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3446.244416] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3446.251682] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3446.258943] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3446.311730] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3446.312473] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3446.331116] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:14 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xc}, 0x0)

18:27:14 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3446.371196] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:14 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0xfffffffffffff000}, 0x0)

18:27:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3446.482883] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3446.506680] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:14 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='r%iserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:14 executing program 1 (fault-call:0 fault-nth:20):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3446.507501] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:15 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xe}, 0x0)

18:27:15 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x2}, 0x0)

18:27:15 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:15 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3446.659492] FAULT_INJECTION: forcing a failure.
[ 3446.659492] name failslab, interval 1, probability 0, space 0, times 0
[ 3446.681174] CPU: 1 PID: 6870 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3446.688310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3446.697677] Call Trace:
[ 3446.700286]  dump_stack+0x172/0x1f0
[ 3446.703935]  should_fail.cold+0xa/0x1b
18:27:15 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf}, 0x0)

[ 3446.707838]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3446.712948]  ? lock_downgrade+0x810/0x810
[ 3446.717093]  ? ___might_sleep+0x163/0x280
[ 3446.721249]  __should_failslab+0x121/0x190
[ 3446.725480]  should_failslab+0x9/0x14
[ 3446.729273]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3446.734368]  ? __alloc_skb+0xd5/0x5e0
[ 3446.738172]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3446.743623]  __kmalloc_node_track_caller+0x3d/0x70
[ 3446.748543]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 3446.753220]  __alloc_skb+0x10b/0x5e0
[ 3446.756925]  ? skb_scrub_packet+0x440/0x440
[ 3446.761243]  ? kasan_check_read+0x11/0x20
[ 3446.765387]  alloc_uevent_skb+0x83/0x1e2
[ 3446.769443]  kobject_uevent_env+0xa63/0x1030
[ 3446.773848]  kobject_uevent+0x20/0x26
[ 3446.777642]  lo_ioctl+0x100b/0x20d0
[ 3446.781261]  ? lo_rw_aio+0x1530/0x1530
[ 3446.785142]  blkdev_ioctl+0xee8/0x1c40
[ 3446.789025]  ? blkpg_ioctl+0xa90/0xa90
[ 3446.792901]  ? find_held_lock+0x35/0x130
[ 3446.796958]  ? debug_check_no_obj_freed+0x200/0x464
[ 3446.801968]  ? kasan_check_read+0x11/0x20
[ 3446.806108]  ? __fget+0x340/0x540
[ 3446.809570]  ? find_held_lock+0x35/0x130
[ 3446.813624]  ? __fget+0x340/0x540
[ 3446.817070]  block_ioctl+0xee/0x130
[ 3446.820689]  ? blkdev_fallocate+0x410/0x410
[ 3446.825007]  do_vfs_ioctl+0xd6e/0x1390
[ 3446.828886]  ? ioctl_preallocate+0x210/0x210
[ 3446.833284]  ? __fget+0x367/0x540
[ 3446.836730]  ? iterate_fd+0x360/0x360
[ 3446.840525]  ? do_sys_open+0x31d/0x5d0
[ 3446.844422]  ? security_file_ioctl+0x93/0xc0
[ 3446.848823]  ksys_ioctl+0xab/0xd0
[ 3446.852269]  __x64_sys_ioctl+0x73/0xb0
[ 3446.856150]  do_syscall_64+0x103/0x610
[ 3446.860047]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3446.865233] RIP: 0033:0x457ca7
[ 3446.868413] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3446.887309] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3446.895017] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3446.902295] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
18:27:15 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x3}, 0x0)

[ 3446.909589] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3446.916858] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3446.924180] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3446.949793] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3447.033335] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.040030] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:15 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:15 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

18:27:15 executing program 1 (fault-call:0 fault-nth:21):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:15 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:15 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rliserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:15 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4}, 0x0)

[ 3447.236201] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.236936] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.271927] FAULT_INJECTION: forcing a failure.
[ 3447.271927] name failslab, interval 1, probability 0, space 0, times 0
18:27:15 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:15 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x60}, 0x0)

18:27:15 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3447.288231] CPU: 1 PID: 6916 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3447.295353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3447.304697] Call Trace:
[ 3447.307289]  dump_stack+0x172/0x1f0
[ 3447.310923]  should_fail.cold+0xa/0x1b
[ 3447.314812]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3447.319903]  ? lock_downgrade+0x810/0x810
[ 3447.324046]  ? ___might_sleep+0x163/0x280
[ 3447.328189]  __should_failslab+0x121/0x190
[ 3447.332418]  should_failslab+0x9/0x14
18:27:15 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x5}, 0x0)

[ 3447.336216]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3447.341316]  ? __alloc_skb+0xd5/0x5e0
[ 3447.345109]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3447.350541]  __kmalloc_node_track_caller+0x3d/0x70
[ 3447.355451]  __kmalloc_reserve.isra.0+0x40/0xf0
[ 3447.360095]  __alloc_skb+0x10b/0x5e0
[ 3447.363784]  ? skb_scrub_packet+0x440/0x440
[ 3447.368080]  ? kasan_check_read+0x11/0x20
[ 3447.372207]  alloc_uevent_skb+0x83/0x1e2
[ 3447.376243]  kobject_uevent_env+0xa63/0x1030
[ 3447.380641]  kobject_uevent+0x20/0x26
[ 3447.384417]  lo_ioctl+0x100b/0x20d0
[ 3447.388036]  ? lo_rw_aio+0x1530/0x1530
[ 3447.391900]  blkdev_ioctl+0xee8/0x1c40
[ 3447.395764]  ? blkpg_ioctl+0xa90/0xa90
[ 3447.399627]  ? find_held_lock+0x35/0x130
[ 3447.403925]  ? debug_check_no_obj_freed+0x200/0x464
[ 3447.408925]  ? kasan_check_read+0x11/0x20
[ 3447.413050]  ? __fget+0x340/0x540
[ 3447.416477]  ? find_held_lock+0x35/0x130
[ 3447.420521]  ? __fget+0x340/0x540
[ 3447.423949]  block_ioctl+0xee/0x130
[ 3447.427552]  ? blkdev_fallocate+0x410/0x410
[ 3447.431852]  do_vfs_ioctl+0xd6e/0x1390
[ 3447.435716]  ? ioctl_preallocate+0x210/0x210
[ 3447.440097]  ? __fget+0x367/0x540
[ 3447.443549]  ? iterate_fd+0x360/0x360
[ 3447.447441]  ? do_sys_open+0x31d/0x5d0
[ 3447.451307]  ? security_file_ioctl+0x93/0xc0
[ 3447.455693]  ksys_ioctl+0xab/0xd0
[ 3447.459221]  __x64_sys_ioctl+0x73/0xb0
[ 3447.463086]  do_syscall_64+0x103/0x610
[ 3447.466951]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3447.472111] RIP: 0033:0x457ca7
[ 3447.475280] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3447.494267] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3447.501947] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457ca7
[ 3447.509193] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005
[ 3447.516436] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3447.523679] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3447.530923] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf0}, 0x0)

18:27:16 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6}, 0x0)

[ 3447.587479] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.594295] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.609627] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3447.755346] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:16 executing program 1 (fault-call:0 fault-nth:22):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x300}, 0x0)

18:27:16 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='re\nserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7}, 0x0)

18:27:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3447.756196] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:16 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x600}, 0x0)

18:27:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x8}, 0x0)

[ 3447.942402] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3447.943305] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.006209] FAULT_INJECTION: forcing a failure.
[ 3448.006209] name failslab, interval 1, probability 0, space 0, times 0
[ 3448.023990] CPU: 0 PID: 6985 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3448.031110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3448.040454] Call Trace:
[ 3448.040474]  dump_stack+0x172/0x1f0
[ 3448.040489]  should_fail.cold+0xa/0x1b
[ 3448.040503]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3448.046681]  ? lock_downgrade+0x810/0x810
[ 3448.046697]  ? ___might_sleep+0x163/0x280
[ 3448.046727]  __should_failslab+0x121/0x190
[ 3448.046743]  should_failslab+0x9/0x14
[ 3448.046756]  kmem_cache_alloc+0x2be/0x710
[ 3448.076027]  ? __fget+0x367/0x540
[ 3448.079467]  getname_flags+0xd6/0x5b0
[ 3448.083278]  do_mkdirat+0xa0/0x2a0
[ 3448.086796]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3448.090922]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3448.095651]  ? do_syscall_64+0x26/0x610
[ 3448.099699]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3448.105054]  ? do_syscall_64+0x26/0x610
[ 3448.109004]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3448.113566]  __x64_sys_mkdir+0x5c/0x80
[ 3448.117449]  do_syscall_64+0x103/0x610
[ 3448.121329]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3448.126495] RIP: 0033:0x457257
[ 3448.129672] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3448.148560] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
18:27:16 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3448.156253] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3448.163506] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3448.170766] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3448.178015] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3448.185261] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xa00}, 0x0)

[ 3448.234169] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.234903] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:16 executing program 1 (fault-call:0 fault-nth:23):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xa}, 0x0)

[ 3448.363317] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.364357] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:16 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='re%serfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:16 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\xfe\xff\xff\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:16 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:16 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xc00}, 0x0)

18:27:16 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc}, 0x0)

[ 3448.514607] FAULT_INJECTION: forcing a failure.
[ 3448.514607] name failslab, interval 1, probability 0, space 0, times 0
[ 3448.547178] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.548094] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.580680] CPU: 0 PID: 7032 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3448.596119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3448.605468] Call Trace:
[ 3448.608058]  dump_stack+0x172/0x1f0
[ 3448.611710]  should_fail.cold+0xa/0x1b
[ 3448.615592]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3448.620693]  ? lock_downgrade+0x810/0x810
[ 3448.620709]  ? ___might_sleep+0x163/0x280
18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xe00}, 0x0)

[ 3448.628977]  __should_failslab+0x121/0x190
[ 3448.628991]  should_failslab+0x9/0x14
[ 3448.636981]  kmem_cache_alloc+0x2be/0x710
[ 3448.641112]  ? __fget+0x367/0x540
[ 3448.644566]  getname_flags+0xd6/0x5b0
[ 3448.648366]  do_mkdirat+0xa0/0x2a0
[ 3448.651910]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3448.656056]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3448.660811]  ? do_syscall_64+0x26/0x610
[ 3448.664782]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3448.670143]  ? do_syscall_64+0x26/0x610
[ 3448.674113]  ? lockdep_hardirqs_on+0x415/0x5d0
18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf00}, 0x0)

[ 3448.678709]  __x64_sys_mkdir+0x5c/0x80
[ 3448.682592]  do_syscall_64+0x103/0x610
[ 3448.686473]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3448.691648] RIP: 0033:0x457257
[ 3448.694821] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3448.713788] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3448.721471] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
18:27:17 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xe}, 0x0)

18:27:17 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3448.728719] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3448.735965] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3448.743403] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3448.750670] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3448.822974] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.828996] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:17 executing program 1 (fault-call:0 fault-nth:24):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:17 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x1b39}, 0x0)

18:27:17 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf}, 0x0)

18:27:17 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rehserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3448.957693] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3448.958361] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:17 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x10}, 0x0)

18:27:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3449.059917] FAULT_INJECTION: forcing a failure.
[ 3449.059917] name failslab, interval 1, probability 0, space 0, times 0
[ 3449.081588] CPU: 0 PID: 7084 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3449.088745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3449.098094] Call Trace:
[ 3449.100678]  dump_stack+0x172/0x1f0
[ 3449.104288]  should_fail.cold+0xa/0x1b
[ 3449.108151]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3449.113227]  ? lock_downgrade+0x810/0x810
[ 3449.117352]  ? ___might_sleep+0x163/0x280
[ 3449.121491]  __should_failslab+0x121/0x190
[ 3449.125705]  should_failslab+0x9/0x14
[ 3449.129477]  kmem_cache_alloc+0x2be/0x710
[ 3449.133598]  ? __d_lookup+0x433/0x760
[ 3449.137378]  ? lookup_dcache+0x23/0x140
[ 3449.141328]  ? d_lookup+0xf9/0x260
[ 3449.144844]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3449.149405]  __d_alloc+0x2e/0x8c0
[ 3449.152833]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3449.157849]  d_alloc+0x4d/0x2b0
[ 3449.161104]  __lookup_hash+0xcd/0x190
[ 3449.164882]  filename_create+0x1a7/0x4f0
[ 3449.168917]  ? kern_path_mountpoint+0x40/0x40
[ 3449.173386]  ? strncpy_from_user+0x2a8/0x380
[ 3449.177791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3449.183301]  ? getname_flags+0x277/0x5b0
[ 3449.187346]  do_mkdirat+0xb5/0x2a0
[ 3449.190865]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3449.194987]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3449.199720]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3449.205059]  ? do_syscall_64+0x26/0x610
[ 3449.209008]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3449.213568]  __x64_sys_mkdir+0x5c/0x80
[ 3449.217432]  do_syscall_64+0x103/0x610
[ 3449.221388]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3449.226556] RIP: 0033:0x457257
[ 3449.229724] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3449.248620] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x391b}, 0x0)

18:27:17 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3449.256302] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3449.263571] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3449.270825] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3449.278069] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3449.285312] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x3f00}, 0x0)

18:27:17 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x48}, 0x0)

18:27:17 executing program 1 (fault-call:0 fault-nth:25):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3449.417473] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3449.418202] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3449.488681] FAULT_INJECTION: forcing a failure.
[ 3449.488681] name failslab, interval 1, probability 0, space 0, times 0
18:27:17 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:17 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x5865}, 0x0)

[ 3449.589958] CPU: 0 PID: 7122 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3449.597092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3449.606607] Call Trace:
[ 3449.609194]  dump_stack+0x172/0x1f0
[ 3449.612824]  should_fail.cold+0xa/0x1b
[ 3449.616714]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3449.621821]  ? ___might_sleep+0x163/0x280
[ 3449.625973]  __should_failslab+0x121/0x190
[ 3449.630208]  should_failslab+0x9/0x14
[ 3449.634000]  kmem_cache_alloc+0x2be/0x710
[ 3449.638140]  ? unwind_get_return_address+0x61/0xa0
[ 3449.643064]  ? __save_stack_trace+0x8a/0xf0
[ 3449.647381]  ? ratelimit_state_init+0xb0/0xb0
[ 3449.651875]  ext4_alloc_inode+0x1f/0x640
[ 3449.655963]  ? ratelimit_state_init+0xb0/0xb0
[ 3449.660586]  alloc_inode+0x66/0x190
[ 3449.664207]  new_inode_pseudo+0x19/0xf0
[ 3449.668175]  new_inode+0x1f/0x40
[ 3449.671635]  __ext4_new_inode+0x3cb/0x52c0
[ 3449.675866]  ? putname+0xef/0x130
[ 3449.678020] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3449.678680] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3449.679400]  ? do_syscall_64+0x103/0x610
[ 3449.679413]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3449.679427]  ? d_splice_alias+0x6c1/0xcc0
[ 3449.709522]  ? find_held_lock+0x35/0x130
[ 3449.713562]  ? debug_check_no_obj_freed+0x200/0x464
[ 3449.718644]  ? ext4_free_inode+0x1470/0x1470
[ 3449.723028]  ? lock_downgrade+0x810/0x810
[ 3449.727156]  ? dquot_get_next_dqblk+0x180/0x180
[ 3449.731802]  ? __lock_is_held+0xb6/0x140
[ 3449.735838]  ? check_preemption_disabled+0x48/0x290
[ 3449.740831]  ext4_mkdir+0x3d5/0xdf0
[ 3449.744442]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3449.749106]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3449.754629]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3449.760143]  ? security_inode_permission+0xd5/0x110
[ 3449.765135]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3449.770649]  ? security_inode_mkdir+0xee/0x120
[ 3449.775213]  vfs_mkdir+0x433/0x690
[ 3449.778741]  do_mkdirat+0x234/0x2a0
[ 3449.782344]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3449.786469]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3449.791201]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3449.796540]  ? do_syscall_64+0x26/0x610
[ 3449.800490]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3449.805049]  __x64_sys_mkdir+0x5c/0x80
[ 3449.808912]  do_syscall_64+0x103/0x610
[ 3449.812775]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3449.817938] RIP: 0033:0x457257
[ 3449.821105] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3449.839980] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3449.847659] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3449.854912] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3449.862157] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3449.869412] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3449.876662] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:18 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='relserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:18 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6000}, 0x0)

18:27:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4c}, 0x0)

18:27:18 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:18 executing program 1 (fault-call:0 fault-nth:26):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:18 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6558}, 0x0)

[ 3450.062967] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3450.064964] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x60}, 0x0)

[ 3450.139060] FAULT_INJECTION: forcing a failure.
[ 3450.139060] name failslab, interval 1, probability 0, space 0, times 0
[ 3450.151327] CPU: 1 PID: 7173 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3450.158445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3450.167796] Call Trace:
[ 3450.170385]  dump_stack+0x172/0x1f0
[ 3450.174014]  should_fail.cold+0xa/0x1b
[ 3450.177924]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3450.183022]  ? save_stack+0xa9/0xd0
[ 3450.186658]  ? __es_tree_search.isra.0+0x1bf/0x230
[ 3450.191594]  __should_failslab+0x121/0x190
[ 3450.195828]  should_failslab+0x9/0x14
[ 3450.199619]  kmem_cache_alloc+0x47/0x710
[ 3450.203678]  ? ext4_es_scan+0x6f0/0x6f0
[ 3450.207648]  ? do_raw_write_lock+0x124/0x290
[ 3450.212065]  __es_insert_extent+0x2cc/0xf20
[ 3450.216499]  ext4_es_insert_extent+0x2b7/0xa40
[ 3450.221081]  ? ext4_es_scan_clu+0x50/0x50
[ 3450.225264]  ? rcu_read_lock_sched_held+0x110/0x130
[ 3450.230368]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
18:27:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:18 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3450.235895]  ? ext4_es_find_extent_range+0xff/0x600
[ 3450.240919]  ext4_ext_put_gap_in_cache+0xfe/0x150
[ 3450.245754]  ? ext4_rereserve_cluster+0x240/0x240
[ 3450.250605]  ? ext4_find_extent+0x76e/0x9d0
[ 3450.254923]  ? ext4_find_extent+0x6a6/0x9d0
[ 3450.259245]  ext4_ext_map_blocks+0x216a/0x4e50
[ 3450.263843]  ? ext4_ext_release+0x10/0x10
[ 3450.267990]  ? __lock_is_held+0xb6/0x140
[ 3450.272059]  ? lock_acquire+0x16f/0x3f0
[ 3450.276031]  ? ext4_map_blocks+0x424/0x1a20
[ 3450.280381]  ext4_map_blocks+0xecb/0x1a20
[ 3450.284537]  ? ext4_issue_zeroout+0x170/0x170
18:27:18 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x8100}, 0x0)

18:27:18 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x68}, 0x0)

[ 3450.289052]  ? kasan_check_write+0x14/0x20
[ 3450.293289]  ? __brelse+0x95/0xb0
[ 3450.296743]  ext4_getblk+0xc4/0x510
[ 3450.300368]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3450.304693]  ? ext4_free_inode+0x1470/0x1470
[ 3450.309100]  ext4_bread+0x8f/0x230
[ 3450.312647]  ? ext4_getblk+0x510/0x510
[ 3450.316549]  ext4_append+0x155/0x370
[ 3450.320270]  ext4_mkdir+0x61b/0xdf0
[ 3450.323904]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3450.328565]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.334092]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.339626]  ? security_inode_permission+0xd5/0x110
[ 3450.344655]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.350204]  ? security_inode_mkdir+0xee/0x120
[ 3450.354790]  vfs_mkdir+0x433/0x690
[ 3450.358323]  do_mkdirat+0x234/0x2a0
[ 3450.361930]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3450.366057]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3450.370792]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3450.376141]  ? do_syscall_64+0x26/0x610
[ 3450.380102]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3450.384673]  __x64_sys_mkdir+0x5c/0x80
[ 3450.388548]  do_syscall_64+0x103/0x610
[ 3450.392413]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3450.397586] RIP: 0033:0x457257
[ 3450.400763] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3450.419729] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3450.427414] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3450.434666] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3450.441917] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3450.449163] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3450.456406] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3450.512274] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3450.527139] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3450.527837] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:19 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei\nerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:19 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf000}, 0x0)

18:27:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6c}, 0x0)

18:27:19 executing program 1 (fault-call:0 fault-nth:27):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3450.699963] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x74}, 0x0)

[ 3450.700662] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3450.769486] FAULT_INJECTION: forcing a failure.
[ 3450.769486] name failslab, interval 1, probability 0, space 0, times 0
18:27:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7a}, 0x0)

18:27:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3450.803634] CPU: 0 PID: 7227 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3450.810777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3450.820121] Call Trace:
[ 3450.822708]  dump_stack+0x172/0x1f0
[ 3450.826339]  should_fail.cold+0xa/0x1b
[ 3450.830234]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3450.835348]  ? ___might_sleep+0x163/0x280
[ 3450.839499]  __should_failslab+0x121/0x190
[ 3450.843729]  should_failslab+0x9/0x14
[ 3450.847527]  __kmalloc+0x2dc/0x740
18:27:19 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x34000}, 0x0)

[ 3450.851068]  ? ext4_find_extent+0x76e/0x9d0
[ 3450.855386]  ext4_find_extent+0x76e/0x9d0
[ 3450.859551]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3450.865012]  ext4_ext_map_blocks+0x1cc/0x4e50
[ 3450.869515]  ? ext4_ext_release+0x10/0x10
[ 3450.873654]  ? __lock_is_held+0xb6/0x140
[ 3450.877701]  ? lock_acquire+0x16f/0x3f0
[ 3450.881655]  ? ext4_map_blocks+0x424/0x1a20
[ 3450.885971]  ext4_map_blocks+0xecb/0x1a20
[ 3450.890108]  ? ext4_issue_zeroout+0x170/0x170
[ 3450.894581]  ? kasan_check_write+0x14/0x20
[ 3450.898799]  ? __brelse+0x95/0xb0
[ 3450.902234]  ext4_getblk+0xc4/0x510
[ 3450.905955]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3450.910291]  ? ext4_free_inode+0x1470/0x1470
[ 3450.914687]  ext4_bread+0x8f/0x230
[ 3450.918316]  ? ext4_getblk+0x510/0x510
[ 3450.922194]  ext4_append+0x155/0x370
[ 3450.925899]  ext4_mkdir+0x61b/0xdf0
[ 3450.929507]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3450.934152]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.939662]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.945280]  ? security_inode_permission+0xd5/0x110
[ 3450.950278]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3450.955903]  ? security_inode_mkdir+0xee/0x120
[ 3450.960476]  vfs_mkdir+0x433/0x690
[ 3450.963996]  do_mkdirat+0x234/0x2a0
[ 3450.967606]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3450.971743]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3450.976497]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3450.981843]  ? do_syscall_64+0x26/0x610
[ 3450.985798]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3450.990360]  __x64_sys_mkdir+0x5c/0x80
[ 3450.994265]  do_syscall_64+0x103/0x610
[ 3450.998137]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3451.003302] RIP: 0033:0x457257
[ 3451.006484] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3451.025372] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3451.033163] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3451.040413] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3451.047659] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3451.055021] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3451.062266] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3451.124224] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3451.129775] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3451.165458] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf0}, 0x0)

18:27:19 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei#erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:19 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x400300}, 0x0)

18:27:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3451.318250] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3451.318795] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:19 executing program 1 (fault-call:0 fault-nth:28):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x1fe}, 0x0)

18:27:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:19 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0)

18:27:19 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3451.451588] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3451.451983] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:20 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

18:27:20 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3451.582056] FAULT_INJECTION: forcing a failure.
[ 3451.582056] name failslab, interval 1, probability 0, space 0, times 0
[ 3451.593536] CPU: 0 PID: 7305 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3451.594760] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3451.595372] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3451.600637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3451.600642] Call Trace:
[ 3451.600664]  dump_stack+0x172/0x1f0
[ 3451.600684]  should_fail.cold+0xa/0x1b
[ 3451.636756]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3451.641852]  ? save_stack+0xa9/0xd0
[ 3451.645478]  ? __es_tree_search.isra.0+0x1bf/0x230
[ 3451.650529]  __should_failslab+0x121/0x190
[ 3451.654763]  should_failslab+0x9/0x14
[ 3451.658554]  kmem_cache_alloc+0x47/0x710
[ 3451.662610]  ? ext4_es_scan+0x6f0/0x6f0
[ 3451.666578]  ? do_raw_write_lock+0x124/0x290
[ 3451.670992]  __es_insert_extent+0x2cc/0xf20
[ 3451.675308]  ext4_es_insert_extent+0x2b7/0xa40
[ 3451.679873]  ? ext4_es_scan_clu+0x50/0x50
[ 3451.684015]  ? rcu_read_lock_sched_held+0x110/0x130
[ 3451.689014]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3451.694537]  ? ext4_es_find_extent_range+0xff/0x600
[ 3451.699536]  ext4_ext_put_gap_in_cache+0xfe/0x150
[ 3451.704360]  ? ext4_rereserve_cluster+0x240/0x240
[ 3451.709194]  ? ext4_find_extent+0x76e/0x9d0
[ 3451.713516]  ? ext4_find_extent+0x6a6/0x9d0
[ 3451.717827]  ext4_ext_map_blocks+0x216a/0x4e50
[ 3451.722386]  ? ext4_ext_release+0x10/0x10
[ 3451.726515]  ? __lock_is_held+0xb6/0x140
[ 3451.730570]  ? lock_acquire+0x16f/0x3f0
[ 3451.734532]  ? ext4_map_blocks+0x424/0x1a20
[ 3451.738841]  ext4_map_blocks+0xecb/0x1a20
[ 3451.742970]  ? ext4_issue_zeroout+0x170/0x170
[ 3451.747451]  ? kasan_check_write+0x14/0x20
[ 3451.751661]  ? __brelse+0x95/0xb0
[ 3451.755108]  ext4_getblk+0xc4/0x510
[ 3451.758719]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3451.763020]  ? ext4_free_inode+0x1470/0x1470
[ 3451.767423]  ext4_bread+0x8f/0x230
[ 3451.770940]  ? ext4_getblk+0x510/0x510
[ 3451.774820]  ext4_append+0x155/0x370
[ 3451.778520]  ext4_mkdir+0x61b/0xdf0
[ 3451.782129]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3451.786780]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3451.792297]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3451.797821]  ? security_inode_permission+0xd5/0x110
[ 3451.802812]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3451.808331]  ? security_inode_mkdir+0xee/0x120
[ 3451.812891]  vfs_mkdir+0x433/0x690
[ 3451.816414]  do_mkdirat+0x234/0x2a0
[ 3451.820017]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3451.824157]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3451.828899]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3451.834245]  ? do_syscall_64+0x26/0x610
[ 3451.838203]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3451.842763]  __x64_sys_mkdir+0x5c/0x80
[ 3451.846628]  do_syscall_64+0x103/0x610
[ 3451.850495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3451.855667] RIP: 0033:0x457257
[ 3451.858863] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:27:20 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei%erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x300}, 0x0)

18:27:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3451.878036] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3451.885739] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3451.892994] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3451.900244] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3451.907493] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3451.914742] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:20 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

[ 3452.092900] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.093665] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.107677] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:20 executing program 1 (fault-call:0 fault-nth:29):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x500}, 0x0)

18:27:20 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\a\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:20 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x3000000}, 0x0)

18:27:20 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei*erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3452.329946] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:20 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

18:27:20 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:20 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x600}, 0x0)

[ 3452.330802] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.434848] FAULT_INJECTION: forcing a failure.
[ 3452.434848] name failslab, interval 1, probability 0, space 0, times 0
[ 3452.448718] CPU: 0 PID: 7366 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3452.455821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3452.455914] Call Trace:
[ 3452.455934]  dump_stack+0x172/0x1f0
[ 3452.455952]  should_fail.cold+0xa/0x1b
[ 3452.475351]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3452.480454]  ? ___might_sleep+0x163/0x280
[ 3452.484600]  __should_failslab+0x121/0x190
[ 3452.488838]  should_failslab+0x9/0x14
[ 3452.492733]  kmem_cache_alloc+0x2be/0x710
[ 3452.496878]  ? rcu_read_lock_sched_held+0x110/0x130
[ 3452.501983]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[ 3452.501999]  ? __mark_inode_dirty+0x241/0x1290
[ 3452.502017]  ext4_mb_new_blocks+0x5a8/0x3c70
[ 3452.502032]  ? ext4_find_extent+0x76e/0x9d0
[ 3452.502053]  ext4_ext_map_blocks+0x3094/0x4e50
[ 3452.516616]  ? ext4_ext_release+0x10/0x10
[ 3452.516630]  ? __lock_is_held+0xb6/0x140
[ 3452.516664]  ext4_map_blocks+0x8ec/0x1a20
[ 3452.516682]  ? ext4_issue_zeroout+0x170/0x170
[ 3452.525540]  ? kasan_check_write+0x14/0x20
[ 3452.525553]  ? __brelse+0x95/0xb0
[ 3452.525573]  ext4_getblk+0xc4/0x510
[ 3452.525589]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3452.525606]  ? ext4_free_inode+0x1470/0x1470
[ 3452.525622]  ext4_bread+0x8f/0x230
[ 3452.525636]  ? ext4_getblk+0x510/0x510
[ 3452.546611]  ext4_append+0x155/0x370
[ 3452.553646]  ext4_mkdir+0x61b/0xdf0
[ 3452.553667]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3452.553681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3452.553693]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3452.553707]  ? security_inode_permission+0xd5/0x110
[ 3452.553720]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3452.553732]  ? security_inode_mkdir+0xee/0x120
[ 3452.553748]  vfs_mkdir+0x433/0x690
[ 3452.553764]  do_mkdirat+0x234/0x2a0
[ 3452.615031]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3452.619176]  ? trace_hardirqs_on_thunk+0x1a/0x1c
18:27:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x700}, 0x0)

18:27:21 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3452.623936]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3452.629298]  ? do_syscall_64+0x26/0x610
[ 3452.633363]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3452.637959]  __x64_sys_mkdir+0x5c/0x80
[ 3452.641840]  do_syscall_64+0x103/0x610
[ 3452.645749]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3452.650937] RIP: 0033:0x457257
[ 3452.654116] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3452.673004] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3452.673016] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3452.673024] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3452.673031] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3452.673038] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3452.673044] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:21 executing program 1 (fault-call:0 fault-nth:30):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:21 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6000000}, 0x0)

[ 3452.769372] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:21 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xa00}, 0x0)

[ 3452.770008] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.868837] FAULT_INJECTION: forcing a failure.
[ 3452.868837] name failslab, interval 1, probability 0, space 0, times 0
[ 3452.880318] CPU: 0 PID: 7412 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3452.880328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3452.892141] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.892763] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3452.896870] Call Trace:
[ 3452.896890]  dump_stack+0x172/0x1f0
[ 3452.896907]  should_fail.cold+0xa/0x1b
[ 3452.896922]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3452.896935]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3452.896947]  ? __es_tree_search.isra.0+0x1bf/0x230
[ 3452.896964]  __should_failslab+0x121/0x190
[ 3452.933777]  should_failslab+0x9/0x14
[ 3452.933790]  kmem_cache_alloc+0x47/0x710
[ 3452.933804]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3452.933816]  ? ext4_es_can_be_merged+0x1a3/0x2a0
[ 3452.933845]  ? ext4_es_scan+0x6f0/0x6f0
[ 3452.933859]  ? do_raw_write_lock+0x124/0x290
[ 3452.960557]  __es_insert_extent+0x2cc/0xf20
[ 3452.960575]  ext4_es_insert_extent+0x2b7/0xa40
[ 3452.960590]  ? ext4_es_scan_clu+0x50/0x50
[ 3452.982027]  ext4_map_blocks+0xba2/0x1a20
[ 3452.986194]  ? ext4_issue_zeroout+0x170/0x170
[ 3452.986212]  ? kasan_check_write+0x14/0x20
[ 3452.986225]  ? __brelse+0x95/0xb0
[ 3452.986241]  ext4_getblk+0xc4/0x510
[ 3452.986256]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3453.006378]  ? ext4_free_inode+0x1470/0x1470
[ 3453.006394]  ext4_bread+0x8f/0x230
[ 3453.006408]  ? ext4_getblk+0x510/0x510
[ 3453.018314]  ext4_append+0x155/0x370
[ 3453.022051]  ext4_mkdir+0x61b/0xdf0
[ 3453.022071]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3453.030413]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.035943]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.041478]  ? security_inode_permission+0xd5/0x110
[ 3453.046495]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.052211]  ? security_inode_mkdir+0xee/0x120
[ 3453.052231]  vfs_mkdir+0x433/0x690
[ 3453.052248]  do_mkdirat+0x234/0x2a0
[ 3453.052263]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3453.068099]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3453.072851]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3453.078212]  ? do_syscall_64+0x26/0x610
[ 3453.078228]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3453.078246]  __x64_sys_mkdir+0x5c/0x80
[ 3453.078260]  do_syscall_64+0x103/0x610
[ 3453.094530]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3453.099799] RIP: 0033:0x457257
18:27:21 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei+erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:21 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000000}, 0x0)

18:27:21 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc00}, 0x0)

18:27:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3453.102985] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3453.121964] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3453.129761] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3453.129770] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3453.129778] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3453.129785] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3453.129798] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3453.136350] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc15}, 0x0)

18:27:21 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xa000000}, 0x0)

[ 3453.137036] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3453.290700] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:21 executing program 1 (fault-call:0 fault-nth:31):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:21 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:21 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xc000000}, 0x0)

18:27:21 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xe00}, 0x0)

[ 3453.550491] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3453.551232] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3453.581726] FAULT_INJECTION: forcing a failure.
[ 3453.581726] name failslab, interval 1, probability 0, space 0, times 0
[ 3453.593004] CPU: 1 PID: 7466 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3453.600093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3453.609431] Call Trace:
[ 3453.609452]  dump_stack+0x172/0x1f0
[ 3453.609470]  should_fail.cold+0xa/0x1b
[ 3453.609486]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3453.615665]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3453.624608]  ? __es_tree_search.isra.0+0x1bf/0x230
[ 3453.634605]  __should_failslab+0x121/0x190
[ 3453.634621]  should_failslab+0x9/0x14
[ 3453.634632]  kmem_cache_alloc+0x47/0x710
[ 3453.634644]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3453.634657]  ? ext4_es_can_be_merged+0x1a3/0x2a0
[ 3453.642651]  ? ext4_es_scan+0x6f0/0x6f0
[ 3453.651774]  ? do_raw_write_lock+0x124/0x290
[ 3453.651792]  __es_insert_extent+0x2cc/0xf20
[ 3453.651811]  ext4_es_insert_extent+0x2b7/0xa40
[ 3453.660600]  ? ext4_es_scan_clu+0x50/0x50
[ 3453.660628]  ext4_map_blocks+0xba2/0x1a20
[ 3453.682162]  ? ext4_issue_zeroout+0x170/0x170
[ 3453.686656]  ? kasan_check_write+0x14/0x20
[ 3453.690888]  ? __brelse+0x95/0xb0
[ 3453.690909]  ext4_getblk+0xc4/0x510
[ 3453.690927]  ? ext4_iomap_begin+0xfe0/0xfe0
[ 3453.702279]  ? ext4_free_inode+0x1470/0x1470
[ 3453.706695]  ext4_bread+0x8f/0x230
[ 3453.710233]  ? ext4_getblk+0x510/0x510
[ 3453.714111]  ext4_append+0x155/0x370
[ 3453.717806]  ext4_mkdir+0x61b/0xdf0
[ 3453.721413]  ? ext4_init_dot_dotdot+0x520/0x520
[ 3453.726070]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.731580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.737092]  ? security_inode_permission+0xd5/0x110
[ 3453.742085]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3453.747615]  ? security_inode_mkdir+0xee/0x120
[ 3453.752175]  vfs_mkdir+0x433/0x690
[ 3453.755695]  do_mkdirat+0x234/0x2a0
[ 3453.759298]  ? __ia32_sys_mknod+0xb0/0xb0
[ 3453.763426]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3453.768158]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3453.773495]  ? do_syscall_64+0x26/0x610
[ 3453.777445]  ? lockdep_hardirqs_on+0x415/0x5d0
[ 3453.782015]  __x64_sys_mkdir+0x5c/0x80
[ 3453.785910]  do_syscall_64+0x103/0x610
[ 3453.789804]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3453.794969] RIP: 0033:0x457257
[ 3453.798160] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d c4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 3453.817036] RSP: 002b:00007f7c62555a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 3453.824733] RAX: ffffffffffffffda RBX: 0000000000000010 RCX: 0000000000457257
[ 3453.831997] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000040
[ 3453.839342] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a
[ 3453.846588] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004
[ 3453.853922] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3453.871262] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3454.975419] device bridge_slave_1 left promiscuous mode
[ 3454.981090] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3455.014652] device bridge_slave_0 left promiscuous mode
[ 3455.020168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3455.146897] device hsr_slave_1 left promiscuous mode
[ 3455.186425] device hsr_slave_0 left promiscuous mode
[ 3455.238463] team0 (unregistering): Port device team_slave_1 removed
[ 3455.249142] team0 (unregistering): Port device team_slave_0 removed
[ 3455.260286] bond0 (unregistering): Releasing backup interface bond_slave_1
[ 3455.327102] bond0 (unregistering): Releasing backup interface bond_slave_0
[ 3455.418384] bond0 (unregistering): Released all slaves
[ 3455.500496] IPVS: ftp: loaded support on port[0] = 21
[ 3455.561979] chnl_net:caif_netlink_parms(): no params data found
[ 3455.591193] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3455.597654] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3455.604784] device bridge_slave_0 entered promiscuous mode
[ 3455.611425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3455.617852] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3455.624770] device bridge_slave_1 entered promiscuous mode
[ 3455.642214] bond0: Enslaving bond_slave_0 as an active interface with an up link
[ 3455.651157] bond0: Enslaving bond_slave_1 as an active interface with an up link
[ 3455.668007] team0: Port device team_slave_0 added
[ 3455.674055] team0: Port device team_slave_1 added
[ 3455.736348] device hsr_slave_0 entered promiscuous mode
[ 3455.783996] device hsr_slave_1 entered promiscuous mode
[ 3455.896498] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3455.902955] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3455.909612] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3455.915953] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3455.942522] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3455.956051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 3455.964349] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3455.981528] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3455.993478] 8021q: adding VLAN 0 to HW filter on device team0
[ 3456.005365] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 3456.012974] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3456.019342] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3456.026950] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 3456.035120] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3456.041446] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3456.065037] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 3456.073166] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 3456.081057] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 3456.088886] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 3456.097459] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 3456.114755] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3456.121672] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
18:27:24 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei-erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:24 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:24 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf00}, 0x0)

18:27:24 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xe000000}, 0x0)

18:27:24 executing program 1 (fault-call:0 fault-nth:32):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:24 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf000000}, 0x0)

[ 3456.383179] FAULT_INJECTION: forcing a failure.
[ 3456.383179] name failslab, interval 1, probability 0, space 0, times 0
[ 3456.395830] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:24 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x150c}, 0x0)

18:27:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x200012b6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3456.403965] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3456.496952] CPU: 0 PID: 7503 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3456.504097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3456.513456] Call Trace:
[ 3456.516041]  dump_stack+0x172/0x1f0
[ 3456.519660]  should_fail.cold+0xa/0x1b
[ 3456.523546]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3456.528822]  ? lock_downgrade+0x810/0x810
[ 3456.532990]  ? ___might_sleep+0x163/0x280
[ 3456.537171]  __should_failslab+0x121/0x190
[ 3456.541502]  should_failslab+0x9/0x14
[ 3456.545296]  __kmalloc_track_caller+0x2d8/0x740
[ 3456.549958]  ? lock_downgrade+0x810/0x810
[ 3456.554100]  ? strndup_user+0x77/0xd0
[ 3456.557899]  memdup_user+0x26/0xb0
[ 3456.561435]  strndup_user+0x77/0xd0
[ 3456.565058]  ksys_mount+0x3c/0x150
[ 3456.568611]  __x64_sys_mount+0xbe/0x150
[ 3456.572583]  do_syscall_64+0x103/0x610
[ 3456.576474]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3456.581655] RIP: 0033:0x45a8aa
18:27:24 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x2000}, 0x0)

[ 3456.584839] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3456.603725] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3456.611428] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3456.618684] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3456.625944] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3456.633203] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3456.640459] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:25 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x10000000}, 0x0)

18:27:25 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei.erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:25 executing program 1 (fault-call:0 fault-nth:33):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:25 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4800}, 0x0)

[ 3456.770850] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:25 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x7fffd5b1, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x1b390000}, 0x0)

[ 3456.771513] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3456.903873] FAULT_INJECTION: forcing a failure.
[ 3456.903873] name failslab, interval 1, probability 0, space 0, times 0
[ 3456.994292] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3456.994941] CPU: 1 PID: 7566 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3456.994952] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3457.010584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3457.028339] Call Trace:
[ 3457.031019]  dump_stack+0x172/0x1f0
[ 3457.034668]  should_fail.cold+0xa/0x1b
[ 3457.038571]  ? fault_create_debugfs_attr+0x1e0/0x1e0
18:27:25 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4c00}, 0x0)

18:27:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x3f000000}, 0x0)

[ 3457.043672]  ? lock_downgrade+0x810/0x810
[ 3457.047816]  ? ___might_sleep+0x163/0x280
[ 3457.051982]  __should_failslab+0x121/0x190
[ 3457.056213]  should_failslab+0x9/0x14
[ 3457.060011]  kmem_cache_alloc+0x2be/0x710
[ 3457.064155]  ? __schedule+0x81f/0x1cc0
[ 3457.068033]  ? fs_reclaim_acquire+0x20/0x20
[ 3457.072348]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 3457.077096]  getname_flags+0xd6/0x5b0
[ 3457.080894]  user_path_at_empty+0x2f/0x50
[ 3457.085037]  do_mount+0x15e/0x2d30
[ 3457.088587]  ? copy_mount_string+0x40/0x40
18:27:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3457.092813]  ? copy_mount_options+0x255/0x440
[ 3457.097299]  ? write_comp_data+0x10/0x70
[ 3457.101351]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3457.106886]  ? copy_mount_options+0x30e/0x440
[ 3457.111378]  ksys_mount+0xdb/0x150
[ 3457.114912]  __x64_sys_mount+0xbe/0x150
[ 3457.118885]  do_syscall_64+0x103/0x610
[ 3457.122772]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3457.127966] RIP: 0033:0x45a8aa
18:27:25 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3457.131154] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3457.150044] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3457.157748] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3457.165004] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3457.172260] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3457.179515] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3457.186777] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:25 executing program 1 (fault-call:0 fault-nth:34):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3457.316772] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3457.320984] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:25 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x5865}, 0x0)

18:27:25 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='rei0erfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x60000000}, 0x0)

18:27:25 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3457.475946] FAULT_INJECTION: forcing a failure.
[ 3457.475946] name failslab, interval 1, probability 0, space 0, times 0
[ 3457.503563] CPU: 1 PID: 7619 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3457.510792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3457.520138] Call Trace:
[ 3457.522726]  dump_stack+0x172/0x1f0
[ 3457.526356]  should_fail.cold+0xa/0x1b
[ 3457.530250]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3457.535350]  ? lock_downgrade+0x810/0x810
[ 3457.539497]  ? ___might_sleep+0x163/0x280
[ 3457.543644]  __should_failslab+0x121/0x190
[ 3457.543647] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3457.545468] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3457.547886]  should_failslab+0x9/0x14
[ 3457.547899]  kmem_cache_alloc+0x2be/0x710
18:27:25 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x65580000}, 0x0)

18:27:25 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3457.547912]  ? fs_reclaim_acquire+0x20/0x20
[ 3457.577225]  ? find_held_lock+0x35/0x130
[ 3457.581290]  getname_flags+0xd6/0x5b0
[ 3457.585093]  user_path_at_empty+0x2f/0x50
[ 3457.589238]  do_mount+0x15e/0x2d30
[ 3457.592786]  ? copy_mount_options+0x5c/0x440
[ 3457.597198]  ? copy_mount_string+0x40/0x40
[ 3457.601434]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3457.606274]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3457.611802]  ? _copy_from_user+0xdd/0x150
[ 3457.615959]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3457.621491]  ? copy_mount_options+0x30e/0x440
18:27:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3457.625986]  ksys_mount+0xdb/0x150
[ 3457.629522]  __x64_sys_mount+0xbe/0x150
[ 3457.633497]  do_syscall_64+0x103/0x610
[ 3457.637385]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3457.642565] RIP: 0033:0x45a8aa
[ 3457.645736] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3457.664609] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
18:27:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6000}, 0x0)

[ 3457.672289] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3457.679530] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3457.686774] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3457.694016] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3457.701260] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:26 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x81000000}, 0x0)

18:27:26 executing program 1 (fault-call:0 fault-nth:35):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3457.844482] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3457.854599] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:26 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiKerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6558}, 0x0)

18:27:26 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x88a8ffff}, 0x0)

18:27:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3458.004563] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.008997] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6800}, 0x0)

[ 3458.063190] FAULT_INJECTION: forcing a failure.
[ 3458.063190] name failslab, interval 1, probability 0, space 0, times 0
[ 3458.076402] CPU: 1 PID: 7670 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3458.083502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3458.083508] Call Trace:
[ 3458.083529]  dump_stack+0x172/0x1f0
[ 3458.083549]  should_fail.cold+0xa/0x1b
[ 3458.083567]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3458.083581]  ? lock_downgrade+0x810/0x810
18:27:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3458.112193]  ? ___might_sleep+0x163/0x280
[ 3458.116342]  __should_failslab+0x121/0x190
[ 3458.120564]  should_failslab+0x9/0x14
[ 3458.124357]  kmem_cache_alloc+0x2be/0x710
[ 3458.128504]  ? lock_downgrade+0x810/0x810
[ 3458.132657]  alloc_vfsmnt+0x28/0x780
[ 3458.136376]  vfs_kern_mount.part.0+0x2a/0x410
[ 3458.140873]  do_mount+0x581/0x2d30
[ 3458.144414]  ? finish_automount+0x461/0x490
[ 3458.148739]  ? copy_mount_string+0x40/0x40
[ 3458.152966]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3458.157799]  ? _copy_from_user+0xdd/0x150
[ 3458.157815]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3458.157827]  ? copy_mount_options+0x30e/0x440
[ 3458.157844]  ksys_mount+0xdb/0x150
[ 3458.157859]  __x64_sys_mount+0xbe/0x150
[ 3458.157876]  do_syscall_64+0x103/0x610
[ 3458.157890]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3458.157901] RIP: 0033:0x45a8aa
[ 3458.167542] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3458.167549] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3458.167561] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3458.167569] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3458.167576] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3458.167583] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3458.167590] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3458.218887] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:26 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x9effffff}, 0x0)

18:27:26 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6c00}, 0x0)

18:27:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3458.219563] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.333256] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.336499] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:26 executing program 1 (fault-call:0 fault-nth:36):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:26 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3458.481851] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.493616] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.549143] FAULT_INJECTION: forcing a failure.
[ 3458.549143] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3458.560962] CPU: 0 PID: 7730 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3458.568052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3458.577751] Call Trace:
[ 3458.580335]  dump_stack+0x172/0x1f0
[ 3458.583965]  should_fail.cold+0xa/0x1b
[ 3458.587965]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3458.593071]  should_fail_alloc_page+0x50/0x60
[ 3458.597562]  __alloc_pages_nodemask+0x1a1/0x710
[ 3458.602230]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3458.607239]  ? find_held_lock+0x35/0x130
[ 3458.611304]  cache_grow_begin+0x9c/0x8c0
[ 3458.615356]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3458.615369]  ? check_preemption_disabled+0x48/0x290
[ 3458.615387]  kmem_cache_alloc+0x645/0x710
[ 3458.630036]  ? kmem_cache_alloc_trace+0x5a4/0x760
[ 3458.634877]  getname_flags+0xd6/0x5b0
[ 3458.638683]  user_path_at_empty+0x2f/0x50
[ 3458.642840]  do_mount+0x15e/0x2d30
[ 3458.646388]  ? copy_mount_options+0x5c/0x440
[ 3458.650815]  ? copy_mount_string+0x40/0x40
[ 3458.655060]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3458.659910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3458.665437]  ? copy_mount_options+0x30e/0x440
[ 3458.665454]  ksys_mount+0xdb/0x150
[ 3458.665468]  __x64_sys_mount+0xbe/0x150
[ 3458.665484]  do_syscall_64+0x103/0x610
[ 3458.665499]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3458.686493] RIP: 0033:0x45a8aa
[ 3458.688881] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.689689] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3458.713608] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.716883] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3458.732879] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3458.740153] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
18:27:27 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiXerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7400}, 0x0)

18:27:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf0ffffff}, 0x0)

18:27:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:27 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7a00}, 0x0)

18:27:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xffffa888}, 0x0)

18:27:27 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3458.747421] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3458.754687] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3458.761950] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3458.824437] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3458.868343] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3458.868968] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:27 executing program 1 (fault-call:0 fault-nth:37):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x8100}, 0x0)

18:27:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xfffff000}, 0x0)

18:27:27 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiaerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:27 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xffffff7f}, 0x0)

18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf000}, 0x0)

18:27:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3459.148878] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3459.150117] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3459.205105] FAULT_INJECTION: forcing a failure.
[ 3459.205105] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3459.216915] CPU: 1 PID: 7807 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3459.224002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3459.233344] Call Trace:
[ 3459.235931]  dump_stack+0x172/0x1f0
[ 3459.239566]  should_fail.cold+0xa/0x1b
[ 3459.243451]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3459.248564]  should_fail_alloc_page+0x50/0x60
[ 3459.253054]  __alloc_pages_nodemask+0x1a1/0x710
[ 3459.257739]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3459.262746]  ? find_held_lock+0x35/0x130
[ 3459.266815]  cache_grow_begin+0x9c/0x8c0
[ 3459.270871]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3459.276414]  ? check_preemption_disabled+0x48/0x290
[ 3459.281429]  kmem_cache_alloc+0x645/0x710
[ 3459.285583]  getname_flags+0xd6/0x5b0
[ 3459.289389]  user_path_at_empty+0x2f/0x50
[ 3459.293539]  do_mount+0x15e/0x2d30
[ 3459.297073]  ? copy_mount_options+0x5c/0x440
[ 3459.301489]  ? copy_mount_string+0x40/0x40
[ 3459.305744]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3459.310585]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3459.316120]  ? _copy_from_user+0xdd/0x150
[ 3459.320268]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3459.325806]  ? copy_mount_options+0x30e/0x440
[ 3459.330312]  ksys_mount+0xdb/0x150
[ 3459.330328]  __x64_sys_mount+0xbe/0x150
[ 3459.337821]  do_syscall_64+0x103/0x610
[ 3459.341710]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3459.346889] RIP: 0033:0x45a8aa
[ 3459.346902] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3459.346908] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3459.376662] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3459.383922] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3459.391186] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3459.398447] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfe01}, 0x0)

18:27:27 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xffffff9e}, 0x0)

18:27:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3459.405886] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3459.519672] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:27 executing program 1 (fault-call:0 fault-nth:38):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:27 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:27 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x34000}, 0x0)

18:27:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xfffffff0}, 0x0)

18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:28 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiberfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x400300}, 0x0)

18:27:28 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3459.597633] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x40030000000000}, 0x0)

18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3459.598675] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3459.806497] FAULT_INJECTION: forcing a failure.
[ 3459.806497] name failslab, interval 1, probability 0, space 0, times 0
18:27:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf0ffffffffffff}, 0x0)

18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3459.957320] CPU: 1 PID: 7871 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3459.964581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3459.973938] Call Trace:
[ 3459.976530]  dump_stack+0x172/0x1f0
[ 3459.980165]  should_fail.cold+0xa/0x1b
[ 3459.984054]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3459.989149]  ? lock_downgrade+0x810/0x810
[ 3459.993301]  ? ___might_sleep+0x163/0x280
[ 3459.997442]  __should_failslab+0x121/0x190
[ 3460.001672]  should_failslab+0x9/0x14
[ 3460.005475]  __kmalloc_track_caller+0x2d8/0x740
[ 3460.010145]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3460.015589]  ? alloc_vfsmnt+0x28/0x780
[ 3460.019470]  ? kstrdup_const+0x66/0x80
[ 3460.023335]  kstrdup+0x3a/0x70
[ 3460.026517]  kstrdup_const+0x66/0x80
[ 3460.030237]  alloc_vfsmnt+0xba/0x780
[ 3460.033949]  vfs_kern_mount.part.0+0x2a/0x410
[ 3460.038442]  do_mount+0x581/0x2d30
[ 3460.041985]  ? finish_automount+0x461/0x490
[ 3460.046305]  ? copy_mount_string+0x40/0x40
[ 3460.050534]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3460.055377]  ? _copy_from_user+0xdd/0x150
[ 3460.059513]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3460.065034]  ? copy_mount_options+0x30e/0x440
[ 3460.069514]  ksys_mount+0xdb/0x150
[ 3460.073032]  __x64_sys_mount+0xbe/0x150
[ 3460.076983]  do_syscall_64+0x103/0x610
[ 3460.080845]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3460.086025] RIP: 0033:0x45a8aa
[ 3460.089373] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3460.108336] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3460.116019] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3460.123263] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3460.130506] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3460.137751] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3460.145002] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:28 executing program 1 (fault-call:0 fault-nth:39):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf0ffff}, 0x0)

18:27:28 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x100000000000000}, 0x0)

18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:28 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reicerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3460.306940] FAULT_INJECTION: forcing a failure.
[ 3460.306940] name failslab, interval 1, probability 0, space 0, times 0
[ 3460.307331] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.307941] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:28 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3460.361253] CPU: 0 PID: 7909 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3460.368365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3460.377711] Call Trace:
[ 3460.380302]  dump_stack+0x172/0x1f0
[ 3460.383936]  should_fail.cold+0xa/0x1b
[ 3460.387821]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3460.392921]  ? lock_downgrade+0x810/0x810
[ 3460.397076]  ? ___might_sleep+0x163/0x280
[ 3460.401226]  __should_failslab+0x121/0x190
[ 3460.405466]  should_failslab+0x9/0x14
18:27:28 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\xfe\xff\xff\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3460.409262]  kmem_cache_alloc+0x2be/0x710
[ 3460.413413]  ? lock_downgrade+0x810/0x810
[ 3460.417576]  alloc_vfsmnt+0x28/0x780
[ 3460.417808] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.418476] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.421283]  vfs_kern_mount.part.0+0x2a/0x410
[ 3460.421301]  do_mount+0x581/0x2d30
[ 3460.421311]  ? finish_automount+0x461/0x490
[ 3460.421326]  ? copy_mount_string+0x40/0x40
[ 3460.454517]  ? kmem_cache_alloc_trace+0x354/0x760
18:27:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:28 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x200000000000000}, 0x0)

18:27:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x1000000}, 0x0)

[ 3460.454541]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3460.454555]  ? copy_mount_options+0x30e/0x440
[ 3460.454571]  ksys_mount+0xdb/0x150
[ 3460.454587]  __x64_sys_mount+0xbe/0x150
[ 3460.454604]  do_syscall_64+0x103/0x610
[ 3460.454620]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3460.454632] RIP: 0033:0x45a8aa
[ 3460.464991] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3460.464998] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3460.465011] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3460.465020] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3460.465028] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3460.465035] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3460.465041] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3460.583129] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.607525] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:29 executing program 1 (fault-call:0 fault-nth:40):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:29 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:29 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x300000000000000}, 0x0)

18:27:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x2000000}, 0x0)

18:27:29 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiderfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3460.757981] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.794824] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:29 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x3000000}, 0x0)

18:27:29 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x400000000000000}, 0x0)

[ 3460.831342] FAULT_INJECTION: forcing a failure.
[ 3460.831342] name failslab, interval 1, probability 0, space 0, times 0
[ 3460.855629] CPU: 0 PID: 7965 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3460.862877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3460.862899] Call Trace:
[ 3460.874838]  dump_stack+0x172/0x1f0
[ 3460.878464]  should_fail.cold+0xa/0x1b
[ 3460.882348]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3460.882362]  ? lock_downgrade+0x810/0x810
[ 3460.882376]  ? ___might_sleep+0x163/0x280
[ 3460.895731]  __should_failslab+0x121/0x190
[ 3460.899971]  should_failslab+0x9/0x14
[ 3460.903770]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3460.908442]  ? kasan_check_read+0x11/0x20
[ 3460.911007] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.912598]  ? do_raw_spin_unlock+0x57/0x270
18:27:29 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3460.913056] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3460.925307]  ? kill_litter_super+0x60/0x60
[ 3460.937838]  sget_userns+0x11b/0xd30
[ 3460.941530]  ? kill_litter_super+0x60/0x60
[ 3460.945742]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3460.951274]  ? ns_test_super+0x50/0x50
[ 3460.955142]  ? ns_test_super+0x50/0x50
[ 3460.959010]  ? kill_litter_super+0x60/0x60
[ 3460.963225]  sget+0x10c/0x150
[ 3460.966360]  mount_bdev+0xff/0x3c0
[ 3460.969887]  ? finish_unfinished+0x1120/0x1120
[ 3460.974462]  get_super_block+0x35/0x40
[ 3460.978340]  mount_fs+0x106/0x3ff
[ 3460.981793]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3460.986268]  ? __init_waitqueue_head+0x36/0x90
[ 3460.990829]  vfs_kern_mount.part.0+0x6f/0x410
[ 3460.995302]  do_mount+0x581/0x2d30
[ 3460.998825]  ? finish_automount+0x461/0x490
[ 3461.003138]  ? copy_mount_string+0x40/0x40
[ 3461.007367]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3461.012196]  ? _copy_from_user+0xdd/0x150
[ 3461.016328]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3461.021859]  ? copy_mount_options+0x30e/0x440
[ 3461.026357]  ksys_mount+0xdb/0x150
[ 3461.029885]  __x64_sys_mount+0xbe/0x150
[ 3461.033840]  do_syscall_64+0x103/0x610
[ 3461.037706]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3461.042963] RIP: 0033:0x45a8aa
[ 3461.046155] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3461.065336] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3461.073021] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3461.080267] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3461.087517] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3461.094762] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3461.102006] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4000000}, 0x0)

[ 3461.156130] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3461.156819] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:29 executing program 1 (fault-call:0 fault-nth:41):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:29 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x600000000000000}, 0x0)

18:27:29 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:29 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiherfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x5000000}, 0x0)

18:27:29 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x800000000000000}, 0x0)

18:27:29 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3461.398550] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3461.399262] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6000000}, 0x0)

[ 3461.485814] FAULT_INJECTION: forcing a failure.
[ 3461.485814] name failslab, interval 1, probability 0, space 0, times 0
[ 3461.543127] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3461.547381] CPU: 0 PID: 8023 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3461.555820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3461.555826] Call Trace:
[ 3461.555849]  dump_stack+0x172/0x1f0
[ 3461.555867]  should_fail.cold+0xa/0x1b
[ 3461.555882]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3461.572550]  ? lock_downgrade+0x810/0x810
[ 3461.572566]  ? ___might_sleep+0x163/0x280
18:27:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xa00000000000000}, 0x0)

18:27:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3461.572608]  __should_failslab+0x121/0x190
[ 3461.572623]  should_failslab+0x9/0x14
[ 3461.588909] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3461.603990]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3461.617045]  ? kasan_check_read+0x11/0x20
[ 3461.621193]  ? do_raw_spin_unlock+0x57/0x270
[ 3461.625601]  ? kill_litter_super+0x60/0x60
[ 3461.629819]  sget_userns+0x11b/0xd30
[ 3461.633518]  ? kill_litter_super+0x60/0x60
[ 3461.637736]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3461.643250]  ? ns_test_super+0x50/0x50
[ 3461.647111]  ? ns_test_super+0x50/0x50
[ 3461.650972]  ? kill_litter_super+0x60/0x60
[ 3461.655183]  sget+0x10c/0x150
[ 3461.658270]  mount_bdev+0xff/0x3c0
[ 3461.661784]  ? finish_unfinished+0x1120/0x1120
[ 3461.666347]  get_super_block+0x35/0x40
[ 3461.670214]  mount_fs+0x106/0x3ff
[ 3461.673649]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3461.678134]  ? __init_waitqueue_head+0x36/0x90
[ 3461.682804]  vfs_kern_mount.part.0+0x6f/0x410
[ 3461.687278]  do_mount+0x581/0x2d30
[ 3461.690794]  ? finish_automount+0x461/0x490
[ 3461.695126]  ? copy_mount_string+0x40/0x40
[ 3461.699343]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3461.704264]  ? _copy_from_user+0xdd/0x150
[ 3461.708392]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3461.713923]  ? copy_mount_options+0x30e/0x440
[ 3461.718399]  ksys_mount+0xdb/0x150
[ 3461.721918]  __x64_sys_mount+0xbe/0x150
[ 3461.725875]  do_syscall_64+0x103/0x610
[ 3461.729755]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3461.734924] RIP: 0033:0x45a8aa
[ 3461.738095] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3461.756970] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3461.764650] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3461.771893] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3461.779136] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3461.786378] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3461.793624] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3461.858374] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3461.863697] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:30 executing program 1 (fault-call:0 fault-nth:42):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xc00000000000000}, 0x0)

18:27:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7000000}, 0x0)

18:27:30 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiierfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:30 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xe00000000000000}, 0x0)

18:27:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x8000000}, 0x0)

[ 3462.077312] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3462.078098] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:30 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3462.163696] FAULT_INJECTION: forcing a failure.
[ 3462.163696] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3462.175756] CPU: 1 PID: 8079 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3462.182875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3462.192237] Call Trace:
[ 3462.194826]  dump_stack+0x172/0x1f0
[ 3462.198457]  should_fail.cold+0xa/0x1b
[ 3462.202350]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3462.207457]  should_fail_alloc_page+0x50/0x60
[ 3462.211949]  __alloc_pages_nodemask+0x1a1/0x710
[ 3462.216622]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3462.221645]  cache_grow_begin+0x9c/0x8c0
[ 3462.225702]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3462.231238]  ? check_preemption_disabled+0x48/0x290
[ 3462.236350]  kmem_cache_alloc_trace+0x67f/0x760
[ 3462.241022]  ? kill_litter_super+0x60/0x60
[ 3462.245263]  sget_userns+0x11b/0xd30
[ 3462.248990]  ? kill_litter_super+0x60/0x60
[ 3462.253253]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3462.258817]  ? ns_test_super+0x50/0x50
18:27:30 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xa000000}, 0x0)

18:27:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3462.262719]  ? ns_test_super+0x50/0x50
[ 3462.266606]  ? kill_litter_super+0x60/0x60
[ 3462.270844]  sget+0x10c/0x150
[ 3462.273957]  mount_bdev+0xff/0x3c0
[ 3462.277505]  ? finish_unfinished+0x1120/0x1120
[ 3462.282094]  get_super_block+0x35/0x40
[ 3462.285989]  mount_fs+0x106/0x3ff
[ 3462.289449]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3462.293947]  ? __init_waitqueue_head+0x36/0x90
[ 3462.298535]  vfs_kern_mount.part.0+0x6f/0x410
[ 3462.303043]  do_mount+0x581/0x2d30
[ 3462.306583]  ? finish_automount+0x461/0x490
[ 3462.310911]  ? copy_mount_string+0x40/0x40
[ 3462.315157]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3462.319984]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3462.325516]  ? copy_mount_options+0x30e/0x440
[ 3462.330004]  ksys_mount+0xdb/0x150
[ 3462.333529]  __x64_sys_mount+0xbe/0x150
[ 3462.337482]  do_syscall_64+0x103/0x610
[ 3462.341352]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3462.346529] RIP: 0033:0x45a8aa
[ 3462.349708] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3462.368588] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3462.376280] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3462.383535] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3462.390793] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3462.398038] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3462.405294] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3462.415246] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
[ 3462.480168] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3462.480911] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:31 executing program 1 (fault-call:0 fault-nth:43):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:31 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf00000000000000}, 0x0)

18:27:31 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc000000}, 0x0)

18:27:31 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reikerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3462.651393] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc150000}, 0x0)

18:27:31 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:31 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x1000000000000000}, 0x0)

[ 3462.653595] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3462.759629] FAULT_INJECTION: forcing a failure.
[ 3462.759629] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3462.771564] CPU: 1 PID: 8134 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3462.778764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3462.788113] Call Trace:
[ 3462.790828]  dump_stack+0x172/0x1f0
[ 3462.794464]  should_fail.cold+0xa/0x1b
[ 3462.798374]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3462.803594]  should_fail_alloc_page+0x50/0x60
[ 3462.808084]  __alloc_pages_nodemask+0x1a1/0x710
[ 3462.812866]  ? __alloc_pages_slowpath+0x2900/0x2900
[ 3462.813996] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3462.818008]  cache_grow_begin+0x9c/0x8c0
[ 3462.818024]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[ 3462.831930] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3462.835993]  ? check_preemption_disabled+0x48/0x290
[ 3462.849304]  kmem_cache_alloc_trace+0x67f/0x760
[ 3462.853971]  ? kill_litter_super+0x60/0x60
[ 3462.853989]  sget_userns+0x11b/0xd30
[ 3462.854000]  ? kill_litter_super+0x60/0x60
[ 3462.854015]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3462.854027]  ? ns_test_super+0x50/0x50
[ 3462.854040]  ? ns_test_super+0x50/0x50
[ 3462.879419]  ? kill_litter_super+0x60/0x60
[ 3462.883652]  sget+0x10c/0x150
[ 3462.886755]  mount_bdev+0xff/0x3c0
[ 3462.890293]  ? finish_unfinished+0x1120/0x1120
[ 3462.894876]  get_super_block+0x35/0x40
[ 3462.898776]  mount_fs+0x106/0x3ff
[ 3462.902236]  ? emergency_thaw_all+0x1a0/0x1a0
18:27:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xe000000}, 0x0)

18:27:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3462.906872]  ? __init_waitqueue_head+0x36/0x90
[ 3462.911449]  vfs_kern_mount.part.0+0x6f/0x410
[ 3462.915955]  do_mount+0x581/0x2d30
[ 3462.919587]  ? finish_automount+0x461/0x490
[ 3462.923909]  ? copy_mount_string+0x40/0x40
[ 3462.928135]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3462.932986]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3462.938518]  ? copy_mount_options+0x30e/0x440
[ 3462.943013]  ksys_mount+0xdb/0x150
[ 3462.946549]  __x64_sys_mount+0xbe/0x150
[ 3462.950541]  do_syscall_64+0x103/0x610
[ 3462.954416]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3462.959581] RIP: 0033:0x45a8aa
[ 3462.962751] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3462.981760] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3462.989475] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3462.996728] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3463.003985] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3463.011240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3463.018506] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3463.037657] REISERFS warning (device loop1): sh-2021 reiserfs_fill_super: can not find reiserfs on loop1
18:27:31 executing program 1 (fault-call:0 fault-nth:44):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:31 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf000000}, 0x0)

18:27:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:31 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x1b39000000000000}, 0x0)

18:27:31 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reilerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:31 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x3f00000000000000}, 0x0)

[ 3463.215481] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:31 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x10000000}, 0x0)

18:27:31 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3463.219499] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3463.331785] FAULT_INJECTION: forcing a failure.
[ 3463.331785] name failslab, interval 1, probability 0, space 0, times 0
[ 3463.361933] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3463.366142] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3463.390357] CPU: 1 PID: 8191 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3463.406104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3463.415531] Call Trace:
[ 3463.418119]  dump_stack+0x172/0x1f0
[ 3463.421747]  should_fail.cold+0xa/0x1b
[ 3463.425635]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3463.430730]  ? lock_downgrade+0x810/0x810
[ 3463.434870]  ? ___might_sleep+0x163/0x280
[ 3463.439010]  __should_failslab+0x121/0x190
[ 3463.439026]  should_failslab+0x9/0x14
[ 3463.439037]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3463.439051]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3463.457684]  __kmalloc_node+0x3d/0x70
[ 3463.461475]  kvmalloc_node+0x68/0x100
[ 3463.465261]  __list_lru_init+0x4aa/0x6e0
[ 3463.469315]  sget_userns+0x81e/0xd30
[ 3463.473020]  ? kill_litter_super+0x60/0x60
[ 3463.477243]  ? ns_test_super+0x50/0x50
[ 3463.481122]  ? ns_test_super+0x50/0x50
[ 3463.484984]  ? kill_litter_super+0x60/0x60
[ 3463.489194]  sget+0x10c/0x150
[ 3463.492281]  mount_bdev+0xff/0x3c0
[ 3463.495813]  ? finish_unfinished+0x1120/0x1120
[ 3463.500385]  get_super_block+0x35/0x40
[ 3463.504251]  mount_fs+0x106/0x3ff
[ 3463.507681]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3463.512161]  ? __init_waitqueue_head+0x36/0x90
[ 3463.516747]  vfs_kern_mount.part.0+0x6f/0x410
[ 3463.521230]  do_mount+0x581/0x2d30
[ 3463.524758]  ? finish_automount+0x461/0x490
[ 3463.529076]  ? copy_mount_string+0x40/0x40
[ 3463.533325]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3463.538179]  ? _copy_from_user+0xdd/0x150
[ 3463.542333]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3463.547850]  ? copy_mount_options+0x30e/0x440
[ 3463.552328]  ksys_mount+0xdb/0x150
[ 3463.555858]  __x64_sys_mount+0xbe/0x150
[ 3463.559844]  do_syscall_64+0x103/0x610
[ 3463.563715]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3463.568970] RIP: 0033:0x45a8aa
[ 3463.572148] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
18:27:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x20000000}, 0x0)

18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6000000000000000}, 0x0)

[ 3463.591049] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3463.598748] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3463.606000] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3463.613248] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3463.620497] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3463.627763] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:32 executing program 1 (fault-call:0 fault-nth:45):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:32 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x6558000000000000}, 0x0)

18:27:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x48000000}, 0x0)

18:27:32 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reioerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3463.827539] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3463.830156] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x8100000000000000}, 0x0)

18:27:32 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3463.929387] FAULT_INJECTION: forcing a failure.
[ 3463.929387] name failslab, interval 1, probability 0, space 0, times 0
[ 3464.019855] CPU: 0 PID: 8244 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3464.027094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3464.036465] Call Trace:
[ 3464.039058]  dump_stack+0x172/0x1f0
[ 3464.042719]  should_fail.cold+0xa/0x1b
[ 3464.046596] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.046615]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3464.059943] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4c000000}, 0x0)

18:27:32 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3464.060028]  ? lock_downgrade+0x810/0x810
[ 3464.072476]  ? ___might_sleep+0x163/0x280
[ 3464.076620]  __should_failslab+0x121/0x190
[ 3464.080837]  should_failslab+0x9/0x14
[ 3464.084615]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3464.089697]  ? rcu_lockdep_current_cpu_online+0xe3/0x130
[ 3464.095134]  __kmalloc_node+0x3d/0x70
[ 3464.099007]  kvmalloc_node+0x68/0x100
[ 3464.102788]  __list_lru_init+0x4aa/0x6e0
[ 3464.106841]  sget_userns+0x81e/0xd30
[ 3464.110538]  ? kill_litter_super+0x60/0x60
[ 3464.114830]  ? ns_test_super+0x50/0x50
[ 3464.118695]  ? ns_test_super+0x50/0x50
[ 3464.122554]  ? kill_litter_super+0x60/0x60
[ 3464.126769]  sget+0x10c/0x150
[ 3464.129857]  mount_bdev+0xff/0x3c0
[ 3464.133385]  ? finish_unfinished+0x1120/0x1120
[ 3464.138070]  get_super_block+0x35/0x40
[ 3464.141936]  mount_fs+0x106/0x3ff
[ 3464.145392]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3464.149956]  ? __init_waitqueue_head+0x36/0x90
[ 3464.154531]  vfs_kern_mount.part.0+0x6f/0x410
[ 3464.159005]  do_mount+0x581/0x2d30
[ 3464.162534]  ? finish_automount+0x461/0x490
[ 3464.166840]  ? copy_mount_string+0x40/0x40
[ 3464.171058]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3464.175900]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3464.181416]  ? copy_mount_options+0x30e/0x440
[ 3464.185893]  ksys_mount+0xdb/0x150
[ 3464.189417]  __x64_sys_mount+0xbe/0x150
[ 3464.193378]  do_syscall_64+0x103/0x610
[ 3464.197252]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3464.202421] RIP: 0033:0x45a8aa
18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x88a8ffff00000000}, 0x0)

18:27:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3464.205610] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3464.224489] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3464.232171] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3464.239430] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3464.246688] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3464.253956] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3464.261205] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3464.330266] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.331074] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:32 executing program 1 (fault-call:0 fault-nth:46):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x9effffff00000000}, 0x0)

18:27:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x60000000}, 0x0)

18:27:32 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:32 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiperfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:32 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x65580000}, 0x0)

18:27:32 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xf0ffffff00000000}, 0x0)

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3464.606899] FAULT_INJECTION: forcing a failure.
[ 3464.606899] name failslab, interval 1, probability 0, space 0, times 0
[ 3464.607697] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.608500] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.692145] CPU: 0 PID: 8303 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3464.699285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3464.699291] Call Trace:
[ 3464.699310]  dump_stack+0x172/0x1f0
[ 3464.699335]  should_fail.cold+0xa/0x1b
[ 3464.718777]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3464.723877]  ? lock_downgrade+0x810/0x810
[ 3464.728036]  ? ___might_sleep+0x163/0x280
[ 3464.732183]  __should_failslab+0x121/0x190
[ 3464.736417]  should_failslab+0x9/0x14
18:27:33 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3464.740211]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3464.744877]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3464.749977]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3464.755015]  __list_lru_init+0x3d3/0x6e0
[ 3464.759100]  sget_userns+0x81e/0xd30
[ 3464.762804]  ? kill_litter_super+0x60/0x60
[ 3464.762821]  ? ns_test_super+0x50/0x50
[ 3464.762833]  ? ns_test_super+0x50/0x50
[ 3464.762846]  ? kill_litter_super+0x60/0x60
[ 3464.779038]  sget+0x10c/0x150
[ 3464.782152]  mount_bdev+0xff/0x3c0
[ 3464.785693]  ? finish_unfinished+0x1120/0x1120
18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3464.790275]  get_super_block+0x35/0x40
[ 3464.794174]  mount_fs+0x106/0x3ff
[ 3464.797628]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3464.802121]  ? __init_waitqueue_head+0x36/0x90
[ 3464.803696] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.805482] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3464.806700]  vfs_kern_mount.part.0+0x6f/0x410
[ 3464.806717]  do_mount+0x581/0x2d30
[ 3464.831430]  ? finish_automount+0x461/0x490
[ 3464.835755]  ? copy_mount_string+0x40/0x40
[ 3464.839985]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3464.844827]  ? _copy_from_user+0xdd/0x150
[ 3464.848972]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3464.854501]  ? copy_mount_options+0x30e/0x440
[ 3464.859000]  ksys_mount+0xdb/0x150
[ 3464.862554]  __x64_sys_mount+0xbe/0x150
[ 3464.866527]  do_syscall_64+0x103/0x610
[ 3464.870421]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3464.875604] RIP: 0033:0x45a8aa
[ 3464.878790] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3464.897862] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3464.905599] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3464.912863] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3464.912872] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3464.912880] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3464.912890] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:33 executing program 1 (fault-call:0 fault-nth:47):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:33 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:33 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xffffff7f00000000}, 0x0)

18:27:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x68000000}, 0x0)

18:27:33 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiterfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6c000000}, 0x0)

[ 3465.052255] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.054549] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.113884] FAULT_INJECTION: forcing a failure.
[ 3465.113884] name failslab, interval 1, probability 0, space 0, times 0
[ 3465.113898] CPU: 1 PID: 8356 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3465.132183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3465.141529] Call Trace:
[ 3465.144114]  dump_stack+0x172/0x1f0
[ 3465.147761]  should_fail.cold+0xa/0x1b
[ 3465.151660]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3465.156760]  ? lock_downgrade+0x810/0x810
18:27:33 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3465.160910]  ? ___might_sleep+0x163/0x280
[ 3465.165067]  __should_failslab+0x121/0x190
[ 3465.169299]  should_failslab+0x9/0x14
[ 3465.173095]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3465.177770]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3465.180768] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.181450] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.182877]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3465.182895]  __list_lru_init+0x3d3/0x6e0
[ 3465.182913]  sget_userns+0x81e/0xd30
[ 3465.212160]  ? kill_litter_super+0x60/0x60
[ 3465.216390]  ? ns_test_super+0x50/0x50
[ 3465.220276]  ? ns_test_super+0x50/0x50
[ 3465.224160]  ? kill_litter_super+0x60/0x60
[ 3465.228385]  sget+0x10c/0x150
[ 3465.228402]  mount_bdev+0xff/0x3c0
[ 3465.228417]  ? finish_unfinished+0x1120/0x1120
[ 3465.228433]  get_super_block+0x35/0x40
[ 3465.228447]  mount_fs+0x106/0x3ff
[ 3465.249057]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3465.253557]  ? __init_waitqueue_head+0x36/0x90
[ 3465.258147]  vfs_kern_mount.part.0+0x6f/0x410
18:27:33 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xffffffff00000000}, 0x0)

[ 3465.262651]  do_mount+0x581/0x2d30
[ 3465.266196]  ? finish_automount+0x461/0x490
[ 3465.270530]  ? copy_mount_string+0x40/0x40
[ 3465.274773]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3465.279629]  ? _copy_from_user+0xdd/0x150
[ 3465.283795]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3465.289443]  ? copy_mount_options+0x30e/0x440
[ 3465.293945]  ksys_mount+0xdb/0x150
[ 3465.297496]  __x64_sys_mount+0xbe/0x150
[ 3465.301480]  do_syscall_64+0x103/0x610
[ 3465.305382]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3465.310571] RIP: 0033:0x45a8aa
[ 3465.313767] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3465.332665] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3465.332680] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3465.332690] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3465.332699] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
18:27:33 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0xfffffffffffff000}, 0x0)

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3465.332707] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3465.332716] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:33 executing program 1 (fault-call:0 fault-nth:48):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:33 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x74000000}, 0x0)

18:27:33 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiuerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:33 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:33 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7a000000}, 0x0)

[ 3465.545691] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.546404] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:34 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3465.670198] FAULT_INJECTION: forcing a failure.
[ 3465.670198] name failslab, interval 1, probability 0, space 0, times 0
18:27:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x81000000}, 0x0)

18:27:34 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3465.732460] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.734192] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3465.756832] CPU: 0 PID: 8410 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3465.772341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3465.781681] Call Trace:
[ 3465.781705]  dump_stack+0x172/0x1f0
[ 3465.781727]  should_fail.cold+0xa/0x1b
[ 3465.791776]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3465.791789]  ? lock_downgrade+0x810/0x810
[ 3465.791804]  ? ___might_sleep+0x163/0x280
[ 3465.805149]  __should_failslab+0x121/0x190
[ 3465.809362]  should_failslab+0x9/0x14
[ 3465.813138]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3465.817786]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3465.822869]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3465.827777]  __list_lru_init+0x3d3/0x6e0
[ 3465.831815]  sget_userns+0x81e/0xd30
[ 3465.835504]  ? kill_litter_super+0x60/0x60
[ 3465.839717]  ? ns_test_super+0x50/0x50
[ 3465.843582]  ? ns_test_super+0x50/0x50
[ 3465.847451]  ? kill_litter_super+0x60/0x60
[ 3465.851668]  sget+0x10c/0x150
[ 3465.854772]  mount_bdev+0xff/0x3c0
[ 3465.858305]  ? finish_unfinished+0x1120/0x1120
[ 3465.862872]  get_super_block+0x35/0x40
[ 3465.866736]  mount_fs+0x106/0x3ff
[ 3465.870164]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3465.874640]  ? __init_waitqueue_head+0x36/0x90
[ 3465.879204]  vfs_kern_mount.part.0+0x6f/0x410
[ 3465.883676]  do_mount+0x581/0x2d30
[ 3465.887192]  ? finish_automount+0x461/0x490
[ 3465.891487]  ? copy_mount_string+0x40/0x40
[ 3465.895698]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3465.900529]  ? _copy_from_user+0xdd/0x150
[ 3465.904655]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3465.910165]  ? copy_mount_options+0x30e/0x440
[ 3465.914638]  ksys_mount+0xdb/0x150
[ 3465.918155]  __x64_sys_mount+0xbe/0x150
[ 3465.922108]  do_syscall_64+0x103/0x610
[ 3465.925980]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3465.931177] RIP: 0033:0x45a8aa
[ 3465.934350] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3465.953230] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3465.960923] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3465.968292] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3465.975560] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
18:27:34 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3465.982806] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3465.990052] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3466.116781] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.117505] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:34 executing program 1 (fault-call:0 fault-nth:49):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x88a8ffff}, 0x0)

18:27:34 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:34 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reixerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:34 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3466.329429] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.342944] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.391110] FAULT_INJECTION: forcing a failure.
[ 3466.391110] name failslab, interval 1, probability 0, space 0, times 0
[ 3466.414631] CPU: 1 PID: 8469 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3466.421747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3466.431107] Call Trace:
[ 3466.433716]  dump_stack+0x172/0x1f0
[ 3466.437351]  should_fail.cold+0xa/0x1b
[ 3466.441240]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3466.441257]  ? lock_downgrade+0x810/0x810
[ 3466.450485]  ? ___might_sleep+0x163/0x280
[ 3466.454731]  __should_failslab+0x121/0x190
[ 3466.454747]  should_failslab+0x9/0x14
[ 3466.454760]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3466.454774]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3466.454793]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3466.454808]  __list_lru_init+0x3d3/0x6e0
[ 3466.454825]  sget_userns+0x81e/0xd30
[ 3466.481517]  ? kill_litter_super+0x60/0x60
[ 3466.481536]  ? ns_test_super+0x50/0x50
[ 3466.493322]  ? ns_test_super+0x50/0x50
[ 3466.497203]  ? kill_litter_super+0x60/0x60
[ 3466.501427]  sget+0x10c/0x150
[ 3466.504533]  mount_bdev+0xff/0x3c0
[ 3466.508070]  ? finish_unfinished+0x1120/0x1120
[ 3466.512732]  get_super_block+0x35/0x40
[ 3466.512747]  mount_fs+0x106/0x3ff
[ 3466.512761]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3466.524540]  ? __init_waitqueue_head+0x36/0x90
[ 3466.529247]  vfs_kern_mount.part.0+0x6f/0x410
[ 3466.533749]  do_mount+0x581/0x2d30
[ 3466.537283]  ? finish_automount+0x461/0x490
[ 3466.541607]  ? copy_mount_string+0x40/0x40
[ 3466.545841]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3466.550689]  ? _copy_from_user+0xdd/0x150
[ 3466.554832]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3466.554846]  ? copy_mount_options+0x30e/0x440
[ 3466.554863]  ksys_mount+0xdb/0x150
[ 3466.554878]  __x64_sys_mount+0xbe/0x150
[ 3466.554896]  do_syscall_64+0x103/0x610
[ 3466.554921]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3466.554934] RIP: 0033:0x45a8aa
[ 3466.572420] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3466.603517] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3466.611212] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3466.618486] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3466.625745] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3466.633005] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:34 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x9effffff}, 0x0)

18:27:34 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3466.640266] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf0ffffff}, 0x0)

[ 3466.699916] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.706394] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:35 executing program 1 (fault-call:0 fault-nth:50):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:35 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiyerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfe010000}, 0x0)

18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3466.857796] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.858551] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xffffa888}, 0x0)

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3466.983934] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3466.984655] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3467.059505] FAULT_INJECTION: forcing a failure.
[ 3467.059505] name failslab, interval 1, probability 0, space 0, times 0
[ 3467.089230] CPU: 0 PID: 8528 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3467.096369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3467.105808] Call Trace:
[ 3467.108402]  dump_stack+0x172/0x1f0
[ 3467.112033]  should_fail.cold+0xa/0x1b
[ 3467.115942]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3467.120244] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3467.120884] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3467.121041]  ? lock_downgrade+0x810/0x810
[ 3467.141790]  ? ___might_sleep+0x163/0x280
[ 3467.145942]  __should_failslab+0x121/0x190
[ 3467.150269]  should_failslab+0x9/0x14
[ 3467.154074]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3467.158724]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3467.163810]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3467.168715]  __list_lru_init+0x3d3/0x6e0
[ 3467.172769]  sget_userns+0x81e/0xd30
[ 3467.176470]  ? kill_litter_super+0x60/0x60
[ 3467.180770]  ? ns_test_super+0x50/0x50
[ 3467.184636]  ? ns_test_super+0x50/0x50
[ 3467.188499]  ? kill_litter_super+0x60/0x60
[ 3467.192726]  sget+0x10c/0x150
[ 3467.195810]  mount_bdev+0xff/0x3c0
[ 3467.199327]  ? finish_unfinished+0x1120/0x1120
[ 3467.203889]  get_super_block+0x35/0x40
[ 3467.207762]  mount_fs+0x106/0x3ff
[ 3467.211191]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3467.215664]  ? __init_waitqueue_head+0x36/0x90
[ 3467.220226]  vfs_kern_mount.part.0+0x6f/0x410
[ 3467.224706]  do_mount+0x581/0x2d30
[ 3467.228220]  ? finish_automount+0x461/0x490
[ 3467.232518]  ? copy_mount_string+0x40/0x40
[ 3467.236727]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3467.241565]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3467.247083]  ? copy_mount_options+0x30e/0x440
[ 3467.251643]  ksys_mount+0xdb/0x150
[ 3467.255595]  __x64_sys_mount+0xbe/0x150
[ 3467.259548]  do_syscall_64+0x103/0x610
[ 3467.263437]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3467.268606] RIP: 0033:0x45a8aa
[ 3467.271777] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3467.290653] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3467.298346] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3467.305591] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3467.312833] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3467.320083] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3467.327540] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:35 executing program 1 (fault-call:0 fault-nth:51):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfffff000}, 0x0)

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:35 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reizerfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:35 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xffffff7f}, 0x0)

18:27:35 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:35 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3467.499502] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3467.502017] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xffffff9e}, 0x0)

[ 3467.669132] FAULT_INJECTION: forcing a failure.
[ 3467.669132] name failslab, interval 1, probability 0, space 0, times 0
[ 3467.689956] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3467.691230] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3467.734260] CPU: 0 PID: 8580 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3467.749705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3467.759047] Call Trace:
[ 3467.761634]  dump_stack+0x172/0x1f0
[ 3467.765258]  should_fail.cold+0xa/0x1b
[ 3467.769138]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3467.774234]  ? lock_downgrade+0x810/0x810
[ 3467.778377]  ? ___might_sleep+0x163/0x280
[ 3467.782520]  __should_failslab+0x121/0x190
[ 3467.786743]  should_failslab+0x9/0x14
[ 3467.790531]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3467.790545]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3467.790561]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3467.805226]  __list_lru_init+0x3d3/0x6e0
[ 3467.809277]  sget_userns+0x81e/0xd30
[ 3467.812977]  ? kill_litter_super+0x60/0x60
[ 3467.817296]  ? ns_test_super+0x50/0x50
[ 3467.817309]  ? ns_test_super+0x50/0x50
[ 3467.817320]  ? kill_litter_super+0x60/0x60
[ 3467.817333]  sget+0x10c/0x150
[ 3467.829387]  mount_bdev+0xff/0x3c0
[ 3467.829402]  ? finish_unfinished+0x1120/0x1120
[ 3467.829418]  get_super_block+0x35/0x40
[ 3467.836023]  mount_fs+0x106/0x3ff
[ 3467.836038]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3467.836052]  ? __init_waitqueue_head+0x36/0x90
[ 3467.857096]  vfs_kern_mount.part.0+0x6f/0x410
[ 3467.861596]  do_mount+0x581/0x2d30
[ 3467.865134]  ? finish_automount+0x461/0x490
[ 3467.869458]  ? copy_mount_string+0x40/0x40
[ 3467.873690]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3467.878535]  ? _copy_from_user+0xdd/0x150
[ 3467.882681]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3467.888209]  ? copy_mount_options+0x30e/0x440
[ 3467.892700]  ksys_mount+0xdb/0x150
[ 3467.896233]  __x64_sys_mount+0xbe/0x150
[ 3467.900187]  do_syscall_64+0x103/0x610
[ 3467.904054]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3467.909225] RIP: 0033:0x45a8aa
[ 3467.912398] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3467.931294] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3467.938977] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3467.946219] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3467.953758] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3467.961009] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3467.968252] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:36 executing program 1 (fault-call:0 fault-nth:52):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfffffff0}, 0x0)

18:27:36 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:36 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reis\nrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:36 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:36 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x40030000000000}, 0x0)

[ 3468.191632] FAULT_INJECTION: forcing a failure.
[ 3468.191632] name failslab, interval 1, probability 0, space 0, times 0
[ 3468.240013] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3468.248265] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:36 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf0ffffffffffff}, 0x0)

18:27:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3468.283836] CPU: 0 PID: 8633 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3468.299259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3468.308603] Call Trace:
[ 3468.311190]  dump_stack+0x172/0x1f0
[ 3468.314815]  should_fail.cold+0xa/0x1b
[ 3468.318703]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3468.323810]  ? lock_downgrade+0x810/0x810
[ 3468.323825]  ? ___might_sleep+0x163/0x280
[ 3468.323842]  __should_failslab+0x121/0x190
[ 3468.323856]  should_failslab+0x9/0x14
[ 3468.332113]  kmem_cache_alloc_trace+0x2d1/0x760
18:27:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3468.332126]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3468.332143]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3468.354799]  __list_lru_init+0x3d3/0x6e0
[ 3468.358868]  sget_userns+0x81e/0xd30
[ 3468.362577]  ? kill_litter_super+0x60/0x60
[ 3468.366806]  ? ns_test_super+0x50/0x50
[ 3468.370685]  ? ns_test_super+0x50/0x50
[ 3468.374564]  ? kill_litter_super+0x60/0x60
[ 3468.374576]  sget+0x10c/0x150
[ 3468.374591]  mount_bdev+0xff/0x3c0
[ 3468.385416]  ? finish_unfinished+0x1120/0x1120
[ 3468.389991]  get_super_block+0x35/0x40
[ 3468.390007]  mount_fs+0x106/0x3ff
[ 3468.390024]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3468.390038]  ? __init_waitqueue_head+0x36/0x90
[ 3468.406373]  vfs_kern_mount.part.0+0x6f/0x410
[ 3468.406391]  do_mount+0x581/0x2d30
[ 3468.406404]  ? finish_automount+0x461/0x490
[ 3468.406419]  ? copy_mount_string+0x40/0x40
[ 3468.418707]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3468.418725]  ? _copy_from_user+0xdd/0x150
[ 3468.418743]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3468.437427]  ? copy_mount_options+0x30e/0x440
[ 3468.441923]  ksys_mount+0xdb/0x150
[ 3468.445461]  __x64_sys_mount+0xbe/0x150
18:27:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3468.449437]  do_syscall_64+0x103/0x610
[ 3468.453330]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3468.458510] RIP: 0033:0x45a8aa
[ 3468.461699] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3468.480584] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3468.480598] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3468.480606] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3468.480614] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3468.480621] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3468.480628] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:37 executing program 1 (fault-call:0 fault-nth:53):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:37 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x100000000000000}, 0x0)

[ 3468.680898] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:37 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reis%rfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x200000000000000}, 0x0)

18:27:37 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3468.714686] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3468.762983] FAULT_INJECTION: forcing a failure.
[ 3468.762983] name failslab, interval 1, probability 0, space 0, times 0
[ 3468.832001] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3468.836102] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3468.846913] CPU: 0 PID: 8690 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3468.862322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3468.871772] Call Trace:
[ 3468.874361]  dump_stack+0x172/0x1f0
[ 3468.877992]  should_fail.cold+0xa/0x1b
[ 3468.881882]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3468.886977]  ? lock_downgrade+0x810/0x810
[ 3468.891123]  ? ___might_sleep+0x163/0x280
[ 3468.895267]  __should_failslab+0x121/0x190
[ 3468.899493]  should_failslab+0x9/0x14
[ 3468.903277]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3468.907941]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3468.913025]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3468.917933]  __list_lru_init+0x3d3/0x6e0
[ 3468.921974]  sget_userns+0x81e/0xd30
[ 3468.925670]  ? kill_litter_super+0x60/0x60
[ 3468.929883]  ? ns_test_super+0x50/0x50
[ 3468.933749]  ? ns_test_super+0x50/0x50
[ 3468.937613]  ? kill_litter_super+0x60/0x60
[ 3468.941830]  sget+0x10c/0x150
[ 3468.944917]  mount_bdev+0xff/0x3c0
[ 3468.948436]  ? finish_unfinished+0x1120/0x1120
[ 3468.953012]  get_super_block+0x35/0x40
[ 3468.956987]  mount_fs+0x106/0x3ff
[ 3468.960425]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3468.964905]  ? __init_waitqueue_head+0x36/0x90
[ 3468.969465]  vfs_kern_mount.part.0+0x6f/0x410
[ 3468.973945]  do_mount+0x581/0x2d30
[ 3468.977459]  ? finish_automount+0x461/0x490
[ 3468.981757]  ? copy_mount_string+0x40/0x40
[ 3468.985966]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3468.990790]  ? _copy_from_user+0xdd/0x150
[ 3468.994913]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3469.000432]  ? copy_mount_options+0x30e/0x440
[ 3469.004906]  ksys_mount+0xdb/0x150
[ 3469.008509]  __x64_sys_mount+0xbe/0x150
[ 3469.012461]  do_syscall_64+0x103/0x610
[ 3469.016325]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3469.021490] RIP: 0033:0x45a8aa
[ 3469.024657] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3469.043533] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3469.051216] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3469.058894] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3469.066138] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3469.073542] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x300000000000000}, 0x0)

18:27:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3469.080797] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3469.123067] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.125985] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:37 executing program 1 (fault-call:0 fault-nth:54):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:37 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x400000000000000}, 0x0)

[ 3469.238777] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.239455] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.324144] FAULT_INJECTION: forcing a failure.
[ 3469.324144] name failslab, interval 1, probability 0, space 0, times 0
[ 3469.336599] CPU: 1 PID: 8744 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3469.343709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3469.353397] Call Trace:
[ 3469.353420]  dump_stack+0x172/0x1f0
[ 3469.353445]  should_fail.cold+0xa/0x1b
[ 3469.353464]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3469.353480]  ? lock_downgrade+0x810/0x810
[ 3469.353493]  ? ___might_sleep+0x163/0x280
[ 3469.353510]  __should_failslab+0x121/0x190
[ 3469.381225]  should_failslab+0x9/0x14
[ 3469.385021]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3469.389793]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3469.394902]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3469.399828]  __list_lru_init+0x3d3/0x6e0
[ 3469.404008]  sget_userns+0x81e/0xd30
[ 3469.407716]  ? kill_litter_super+0x60/0x60
[ 3469.411943]  ? ns_test_super+0x50/0x50
[ 3469.415811]  ? ns_test_super+0x50/0x50
[ 3469.419687]  ? kill_litter_super+0x60/0x60
[ 3469.423904]  sget+0x10c/0x150
[ 3469.426997]  mount_bdev+0xff/0x3c0
[ 3469.430514]  ? finish_unfinished+0x1120/0x1120
[ 3469.435073]  get_super_block+0x35/0x40
[ 3469.438955]  mount_fs+0x106/0x3ff
[ 3469.442386]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3469.446881]  ? __init_waitqueue_head+0x36/0x90
[ 3469.451446]  vfs_kern_mount.part.0+0x6f/0x410
[ 3469.455920]  do_mount+0x581/0x2d30
[ 3469.459447]  ? copy_mount_string+0x40/0x40
[ 3469.463682]  ? copy_mount_options+0x244/0x440
[ 3469.468162]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3469.473692]  ? copy_mount_options+0x30e/0x440
[ 3469.478174]  ksys_mount+0xdb/0x150
[ 3469.481702]  __x64_sys_mount+0xbe/0x150
[ 3469.485662]  do_syscall_64+0x103/0x610
[ 3469.489552]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3469.494727] RIP: 0033:0x45a8aa
[ 3469.497903] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3469.516787] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
18:27:37 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reislrfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:37 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:37 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x500000000000000}, 0x0)

[ 3469.524488] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3469.531739] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3469.539078] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3469.546409] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3469.553671] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:38 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\xfe\xff\xff\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:38 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:38 executing program 1 (fault-call:0 fault-nth:55):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3469.608259] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.610211] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:38 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3469.778724] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.791476] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x600000000000000}, 0x0)

[ 3469.846233] FAULT_INJECTION: forcing a failure.
[ 3469.846233] name failslab, interval 1, probability 0, space 0, times 0
[ 3469.883676] CPU: 0 PID: 8780 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
18:27:38 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3469.890887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3469.900233] Call Trace:
[ 3469.902822]  dump_stack+0x172/0x1f0
[ 3469.906540]  should_fail.cold+0xa/0x1b
[ 3469.910444]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3469.915556]  ? lock_downgrade+0x810/0x810
[ 3469.919699]  ? ___might_sleep+0x163/0x280
[ 3469.919716]  __should_failslab+0x121/0x190
[ 3469.919731]  should_failslab+0x9/0x14
[ 3469.931858]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3469.936528]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3469.941640]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3469.946568]  __list_lru_init+0x3d3/0x6e0
[ 3469.950646]  sget_userns+0x81e/0xd30
[ 3469.954355]  ? kill_litter_super+0x60/0x60
[ 3469.954369]  ? ns_test_super+0x50/0x50
[ 3469.954382]  ? ns_test_super+0x50/0x50
[ 3469.966341]  ? kill_litter_super+0x60/0x60
[ 3469.970569]  sget+0x10c/0x150
[ 3469.973679]  mount_bdev+0xff/0x3c0
[ 3469.975721] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.976572] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3469.977213]  ? finish_unfinished+0x1120/0x1120
[ 3469.998404]  get_super_block+0x35/0x40
[ 3470.002289]  mount_fs+0x106/0x3ff
[ 3470.005738]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3470.010245]  ? __init_waitqueue_head+0x36/0x90
[ 3470.014831]  vfs_kern_mount.part.0+0x6f/0x410
[ 3470.019322]  do_mount+0x581/0x2d30
[ 3470.022852]  ? finish_automount+0x461/0x490
[ 3470.022868]  ? copy_mount_string+0x40/0x40
[ 3470.022882]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3470.031500]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3470.041836]  ? copy_mount_options+0x30e/0x440
[ 3470.046333]  ksys_mount+0xdb/0x150
[ 3470.049966]  __x64_sys_mount+0xbe/0x150
[ 3470.053957]  do_syscall_64+0x103/0x610
[ 3470.057838]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3470.063018] RIP: 0033:0x45a8aa
[ 3470.066209] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3470.085097] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3470.085110] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3470.085118] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3470.085125] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3470.085131] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3470.085140] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:38 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reise\nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:38 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x700000000000000}, 0x0)

18:27:38 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:38 executing program 1 (fault-call:0 fault-nth:56):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x800000000000000}, 0x0)

18:27:38 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3470.293361] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3470.298540] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3470.369223] FAULT_INJECTION: forcing a failure.
[ 3470.369223] name failslab, interval 1, probability 0, space 0, times 0
18:27:38 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\a\xff\xff\xfe\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:38 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xa00000000000000}, 0x0)

[ 3470.471584] CPU: 1 PID: 8827 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3470.478819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3470.488186] Call Trace:
[ 3470.490788]  dump_stack+0x172/0x1f0
[ 3470.494418]  should_fail.cold+0xa/0x1b
[ 3470.498303]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3470.503402]  ? lock_downgrade+0x810/0x810
[ 3470.507545]  ? ___might_sleep+0x163/0x280
[ 3470.511704]  __should_failslab+0x121/0x190
[ 3470.515936]  should_failslab+0x9/0x14
18:27:38 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3470.517368] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3470.518055] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3470.519731]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3470.519746]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3470.519766]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3470.551013]  __list_lru_init+0x3d3/0x6e0
[ 3470.555058]  sget_userns+0x81e/0xd30
[ 3470.558770]  ? kill_litter_super+0x60/0x60
[ 3470.562998]  ? ns_test_super+0x50/0x50
[ 3470.566869]  ? ns_test_super+0x50/0x50
[ 3470.570730]  ? kill_litter_super+0x60/0x60
[ 3470.574938]  sget+0x10c/0x150
[ 3470.578021]  mount_bdev+0xff/0x3c0
[ 3470.581536]  ? finish_unfinished+0x1120/0x1120
[ 3470.586094]  get_super_block+0x35/0x40
[ 3470.589955]  mount_fs+0x106/0x3ff
[ 3470.593473]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3470.597942]  ? __init_waitqueue_head+0x36/0x90
[ 3470.602511]  vfs_kern_mount.part.0+0x6f/0x410
[ 3470.606983]  do_mount+0x581/0x2d30
[ 3470.610506]  ? copy_mount_string+0x40/0x40
[ 3470.614734]  ? copy_mount_options+0x234/0x440
[ 3470.619312]  ? copy_mount_options+0x23a/0x440
[ 3470.623791]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3470.629312]  ? copy_mount_options+0x30e/0x440
[ 3470.633783]  ksys_mount+0xdb/0x150
[ 3470.637299]  __x64_sys_mount+0xbe/0x150
[ 3470.641341]  do_syscall_64+0x103/0x610
[ 3470.645208]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3470.650378] RIP: 0033:0x45a8aa
[ 3470.653556] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3470.672439] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3470.680209] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3470.687550] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3470.694803] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3470.702190] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3470.709435] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:39 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reise%fs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:39 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc00000000000000}, 0x0)

18:27:39 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:39 executing program 1 (fault-call:0 fault-nth:57):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3470.835368] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:39 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xc15000000000000}, 0x0)

18:27:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3470.836005] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3470.952377] FAULT_INJECTION: forcing a failure.
[ 3470.952377] name failslab, interval 1, probability 0, space 0, times 0
18:27:39 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3470.985276] CPU: 0 PID: 8885 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3470.992481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3471.001816] Call Trace:
[ 3471.004383]  dump_stack+0x172/0x1f0
[ 3471.007997]  should_fail.cold+0xa/0x1b
[ 3471.011888]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3471.016969]  ? lock_downgrade+0x810/0x810
[ 3471.021190]  ? ___might_sleep+0x163/0x280
[ 3471.025331]  __should_failslab+0x121/0x190
[ 3471.029541]  should_failslab+0x9/0x14
[ 3471.033325]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3471.037971]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3471.043065]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3471.047987]  __list_lru_init+0x3d3/0x6e0
[ 3471.052116]  sget_userns+0x81e/0xd30
[ 3471.055806]  ? kill_litter_super+0x60/0x60
[ 3471.060016]  ? ns_test_super+0x50/0x50
[ 3471.063889]  ? ns_test_super+0x50/0x50
[ 3471.067756]  ? kill_litter_super+0x60/0x60
[ 3471.071969]  sget+0x10c/0x150
[ 3471.075050]  mount_bdev+0xff/0x3c0
[ 3471.078568]  ? finish_unfinished+0x1120/0x1120
[ 3471.083128]  get_super_block+0x35/0x40
[ 3471.086991]  mount_fs+0x106/0x3ff
[ 3471.090439]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3471.094914]  ? __init_waitqueue_head+0x36/0x90
[ 3471.099479]  vfs_kern_mount.part.0+0x6f/0x410
[ 3471.103952]  do_mount+0x581/0x2d30
[ 3471.107465]  ? finish_automount+0x461/0x490
[ 3471.111762]  ? copy_mount_string+0x40/0x40
[ 3471.115970]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3471.120804]  ? _copy_from_user+0xdd/0x150
[ 3471.124936]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3471.130457]  ? copy_mount_options+0x30e/0x440
[ 3471.134928]  ksys_mount+0xdb/0x150
[ 3471.138443]  __x64_sys_mount+0xbe/0x150
[ 3471.142392]  do_syscall_64+0x103/0x610
[ 3471.146256]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3471.151564] RIP: 0033:0x45a8aa
[ 3471.154747] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3471.173638] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3471.181338] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3471.188585] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3471.195840] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3471.203091] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3471.210346] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:39 executing program 1 (fault-call:0 fault-nth:58):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3471.314059] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3471.314889] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xe00000000000000}, 0x0)

18:27:39 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiser\ns\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:39 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:39 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf00000000000000}, 0x0)

[ 3471.509968] FAULT_INJECTION: forcing a failure.
[ 3471.509968] name failslab, interval 1, probability 0, space 0, times 0
[ 3471.552396] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3471.554106] CPU: 0 PID: 8915 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3471.557941] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3471.569687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3471.569693] Call Trace:
[ 3471.569713]  dump_stack+0x172/0x1f0
[ 3471.569728]  should_fail.cold+0xa/0x1b
[ 3471.597413]  ? fault_create_debugfs_attr+0x1e0/0x1e0
18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3471.602533]  ? lock_downgrade+0x810/0x810
[ 3471.602549]  ? ___might_sleep+0x163/0x280
[ 3471.602567]  __should_failslab+0x121/0x190
[ 3471.615041]  should_failslab+0x9/0x14
[ 3471.618839]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3471.623517]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3471.628618]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3471.633550]  __list_lru_init+0x3d3/0x6e0
[ 3471.637608]  sget_userns+0x81e/0xd30
[ 3471.641319]  ? kill_litter_super+0x60/0x60
[ 3471.645551]  ? ns_test_super+0x50/0x50
[ 3471.649530]  ? ns_test_super+0x50/0x50
18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3471.653414]  ? kill_litter_super+0x60/0x60
[ 3471.657641]  sget+0x10c/0x150
[ 3471.660758]  mount_bdev+0xff/0x3c0
[ 3471.664309]  ? finish_unfinished+0x1120/0x1120
[ 3471.668910]  get_super_block+0x35/0x40
[ 3471.672797]  mount_fs+0x106/0x3ff
[ 3471.676262]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3471.680778]  ? __init_waitqueue_head+0x36/0x90
[ 3471.685363]  vfs_kern_mount.part.0+0x6f/0x410
[ 3471.689861]  do_mount+0x581/0x2d30
[ 3471.693399]  ? finish_automount+0x461/0x490
[ 3471.697725]  ? copy_mount_string+0x40/0x40
18:27:40 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:40 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x1000000000000000}, 0x0)

[ 3471.701959]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3471.706887]  ? _copy_from_user+0xdd/0x150
[ 3471.711042]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3471.716582]  ? copy_mount_options+0x30e/0x440
[ 3471.721108]  ksys_mount+0xdb/0x150
[ 3471.724658]  __x64_sys_mount+0xbe/0x150
[ 3471.728662]  do_syscall_64+0x103/0x610
[ 3471.732559]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3471.737795] RIP: 0033:0x45a8aa
[ 3471.740989] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3471.759889] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3471.767614] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3471.774870] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3471.782118] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3471.789367] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3471.796707] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3471.875872] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3471.877148] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:40 executing program 1 (fault-call:0 fault-nth:59):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:40 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:40 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiser%s\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:40 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x2000000000000000}, 0x0)

[ 3472.057843] FAULT_INJECTION: forcing a failure.
[ 3472.057843] name failslab, interval 1, probability 0, space 0, times 0
18:27:40 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3472.134307] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3472.137987] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3472.157136] CPU: 1 PID: 8978 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3472.172561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3472.181992] Call Trace:
[ 3472.184578]  dump_stack+0x172/0x1f0
[ 3472.188203]  should_fail.cold+0xa/0x1b
[ 3472.192095]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3472.197191]  ? lock_downgrade+0x810/0x810
[ 3472.201338]  ? ___might_sleep+0x163/0x280
[ 3472.205491]  __should_failslab+0x121/0x190
[ 3472.209723]  should_failslab+0x9/0x14
[ 3472.213522]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3472.218187]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3472.223565]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3472.228496]  __list_lru_init+0x3d3/0x6e0
[ 3472.232557]  sget_userns+0x81e/0xd30
[ 3472.236268]  ? kill_litter_super+0x60/0x60
[ 3472.240503]  ? ns_test_super+0x50/0x50
[ 3472.244377]  ? ns_test_super+0x50/0x50
[ 3472.244390]  ? kill_litter_super+0x60/0x60
[ 3472.244402]  sget+0x10c/0x150
[ 3472.244418]  mount_bdev+0xff/0x3c0
[ 3472.244430]  ? finish_unfinished+0x1120/0x1120
[ 3472.244451]  get_super_block+0x35/0x40
[ 3472.252537]  mount_fs+0x106/0x3ff
[ 3472.252553]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3472.252567]  ? __init_waitqueue_head+0x36/0x90
[ 3472.275606]  vfs_kern_mount.part.0+0x6f/0x410
[ 3472.284642]  do_mount+0x581/0x2d30
[ 3472.284657]  ? finish_automount+0x461/0x490
[ 3472.284677]  ? copy_mount_string+0x40/0x40
[ 3472.296731]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3472.301590]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3472.307139]  ? copy_mount_options+0x30e/0x440
[ 3472.311646]  ksys_mount+0xdb/0x150
[ 3472.315201]  __x64_sys_mount+0xbe/0x150
[ 3472.319204]  do_syscall_64+0x103/0x610
[ 3472.323105]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3472.328288] RIP: 0033:0x45a8aa
18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:40 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4800000000000000}, 0x0)

[ 3472.328303] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3472.328311] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3472.328326] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3472.328335] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3472.328342] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3472.328353] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:40 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3472.350416] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3472.449101] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3472.457727] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:40 executing program 1 (fault-call:0 fault-nth:60):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:40 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x4c00000000000000}, 0x0)

18:27:40 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:40 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiser.s\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6000000000000000}, 0x0)

[ 3472.580869] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3472.581562] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:41 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3472.691424] FAULT_INJECTION: forcing a failure.
[ 3472.691424] name failslab, interval 1, probability 0, space 0, times 0
[ 3472.703585] CPU: 1 PID: 9038 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3472.710693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3472.720209] Call Trace:
[ 3472.722794]  dump_stack+0x172/0x1f0
[ 3472.726428]  should_fail.cold+0xa/0x1b
[ 3472.730339]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3472.735540]  ? lock_downgrade+0x810/0x810
[ 3472.739683]  ? ___might_sleep+0x163/0x280
[ 3472.743946]  __should_failslab+0x121/0x190
[ 3472.748184]  should_failslab+0x9/0x14
[ 3472.751979]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3472.756647]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3472.761750]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3472.766679]  __list_lru_init+0x3d3/0x6e0
[ 3472.770741]  sget_userns+0x81e/0xd30
[ 3472.774451]  ? kill_litter_super+0x60/0x60
[ 3472.778685]  ? ns_test_super+0x50/0x50
[ 3472.782588]  ? ns_test_super+0x50/0x50
[ 3472.786471]  ? kill_litter_super+0x60/0x60
18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3472.790699]  sget+0x10c/0x150
[ 3472.793801]  mount_bdev+0xff/0x3c0
[ 3472.797335]  ? finish_unfinished+0x1120/0x1120
[ 3472.801915]  get_super_block+0x35/0x40
[ 3472.805798]  mount_fs+0x106/0x3ff
[ 3472.809245]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3472.813743]  ? __init_waitqueue_head+0x36/0x90
[ 3472.818344]  vfs_kern_mount.part.0+0x6f/0x410
[ 3472.822840]  do_mount+0x581/0x2d30
[ 3472.826376]  ? finish_automount+0x461/0x490
[ 3472.830700]  ? copy_mount_string+0x40/0x40
[ 3472.834933]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3472.839778]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3472.845308]  ? copy_mount_options+0x30e/0x440
[ 3472.849800]  ksys_mount+0xdb/0x150
[ 3472.853341]  __x64_sys_mount+0xbe/0x150
[ 3472.857315]  do_syscall_64+0x103/0x610
[ 3472.861206]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3472.866385] RIP: 0033:0x45a8aa
[ 3472.869568] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3472.888444] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3472.896128] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3472.903496] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3472.910750] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3472.917998] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3472.925253] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3473.000078] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.001021] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:41 executing program 1 (fault-call:0 fault-nth:61):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:41 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6558000000000000}, 0x0)

18:27:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:41 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiser/s\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3473.211789] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.212458] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:41 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6800000000000000}, 0x0)

18:27:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3473.327300] FAULT_INJECTION: forcing a failure.
[ 3473.327300] name failslab, interval 1, probability 0, space 0, times 0
[ 3473.350261] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.350937] CPU: 1 PID: 9095 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3473.359279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:27:41 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:41 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3473.359285] Call Trace:
[ 3473.359306]  dump_stack+0x172/0x1f0
[ 3473.359325]  should_fail.cold+0xa/0x1b
[ 3473.359341]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3473.359363]  ? lock_downgrade+0x810/0x810
[ 3473.359379]  ? ___might_sleep+0x163/0x280
[ 3473.359399]  __should_failslab+0x121/0x190
[ 3473.359415]  should_failslab+0x9/0x14
[ 3473.359427]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3473.359440]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3473.359456]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3473.359470]  __list_lru_init+0x3d3/0x6e0
[ 3473.367031] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.391191]  sget_userns+0x81e/0xd30
[ 3473.391205]  ? kill_litter_super+0x60/0x60
[ 3473.407649]  ? ns_test_super+0x50/0x50
[ 3473.417382]  ? ns_test_super+0x50/0x50
[ 3473.417395]  ? kill_litter_super+0x60/0x60
[ 3473.417409]  sget+0x10c/0x150
[ 3473.417426]  mount_bdev+0xff/0x3c0
[ 3473.461129]  ? finish_unfinished+0x1120/0x1120
[ 3473.465711]  get_super_block+0x35/0x40
[ 3473.469606]  mount_fs+0x106/0x3ff
[ 3473.473063]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3473.477644]  ? __init_waitqueue_head+0x36/0x90
[ 3473.482228]  vfs_kern_mount.part.0+0x6f/0x410
[ 3473.486726]  do_mount+0x581/0x2d30
[ 3473.490260]  ? finish_automount+0x461/0x490
[ 3473.494579]  ? copy_mount_string+0x40/0x40
[ 3473.498809]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3473.503649]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3473.509182]  ? copy_mount_options+0x30e/0x440
[ 3473.513670]  ksys_mount+0xdb/0x150
[ 3473.513685]  __x64_sys_mount+0xbe/0x150
[ 3473.513701]  do_syscall_64+0x103/0x610
[ 3473.513717]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3473.513728] RIP: 0033:0x45a8aa
[ 3473.533416] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3473.552304] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3473.552317] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3473.552324] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3473.552333] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3473.564111] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.564788] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.567373] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3473.567381] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:42 executing program 1 (fault-call:0 fault-nth:62):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x6c00000000000000}, 0x0)

18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:42 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserls\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3473.756544] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3473.757217] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7400000000000000}, 0x0)

[ 3473.844692] FAULT_INJECTION: forcing a failure.
[ 3473.844692] name failslab, interval 1, probability 0, space 0, times 0
[ 3473.894722] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.895412] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3473.922874] CPU: 0 PID: 9153 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3473.938390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3473.947820] Call Trace:
[ 3473.950411]  dump_stack+0x172/0x1f0
[ 3473.954055]  should_fail.cold+0xa/0x1b
[ 3473.957946]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3473.963052]  ? lock_downgrade+0x810/0x810
[ 3473.967194]  ? ___might_sleep+0x163/0x280
[ 3473.971345]  __should_failslab+0x121/0x190
[ 3473.975583]  should_failslab+0x9/0x14
[ 3473.979380]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3473.984044]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3473.989156]  __memcg_init_list_lru_node+0x8a/0x1e0
18:27:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3473.994079]  __list_lru_init+0x3d3/0x6e0
[ 3473.998131]  sget_userns+0x81e/0xd30
[ 3474.001831]  ? kill_litter_super+0x60/0x60
[ 3474.006047]  ? ns_test_super+0x50/0x50
[ 3474.009944]  ? ns_test_super+0x50/0x50
[ 3474.013822]  ? kill_litter_super+0x60/0x60
[ 3474.018032]  sget+0x10c/0x150
[ 3474.021131]  mount_bdev+0xff/0x3c0
[ 3474.024649]  ? finish_unfinished+0x1120/0x1120
[ 3474.029208]  get_super_block+0x35/0x40
[ 3474.033070]  mount_fs+0x106/0x3ff
[ 3474.036501]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3474.040982]  ? __init_waitqueue_head+0x36/0x90
[ 3474.045551]  vfs_kern_mount.part.0+0x6f/0x410
[ 3474.050027]  do_mount+0x581/0x2d30
[ 3474.053546]  ? finish_automount+0x461/0x490
[ 3474.057849]  ? copy_mount_string+0x40/0x40
[ 3474.062061]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3474.066994]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3474.072507]  ? copy_mount_options+0x30e/0x440
[ 3474.076980]  ksys_mount+0xdb/0x150
[ 3474.080525]  __x64_sys_mount+0xbe/0x150
[ 3474.084488]  do_syscall_64+0x103/0x610
[ 3474.088356]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3474.093525] RIP: 0033:0x45a8aa
[ 3474.096800] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3474.115681] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3474.123385] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3474.130639] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3474.137885] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3474.145130] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3474.152376] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3474.228530] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3474.233946] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:42 executing program 1 (fault-call:0 fault-nth:63):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x7a00000000000000}, 0x0)

18:27:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:42 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf\n\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:42 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x8100000000000000}, 0x0)

18:27:42 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3474.413554] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3474.414254] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:42 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3474.506852] FAULT_INJECTION: forcing a failure.
[ 3474.506852] name failslab, interval 1, probability 0, space 0, times 0
18:27:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3474.579981] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3474.592162] CPU: 0 PID: 9198 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3474.599283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3474.608635] Call Trace:
[ 3474.611224]  dump_stack+0x172/0x1f0
[ 3474.611246]  should_fail.cold+0xa/0x1b
[ 3474.611278]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3474.623862]  ? lock_downgrade+0x810/0x810
[ 3474.628019]  ? ___might_sleep+0x163/0x280
[ 3474.632179]  __should_failslab+0x121/0x190
[ 3474.636423]  should_failslab+0x9/0x14
[ 3474.640229]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3474.644920]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3474.650039]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3474.654972]  __list_lru_init+0x3d3/0x6e0
[ 3474.659047]  sget_userns+0x81e/0xd30
[ 3474.662763]  ? kill_litter_super+0x60/0x60
[ 3474.667004]  ? ns_test_super+0x50/0x50
[ 3474.670897]  ? ns_test_super+0x50/0x50
[ 3474.674791]  ? kill_litter_super+0x60/0x60
[ 3474.679025]  sget+0x10c/0x150
[ 3474.682129]  mount_bdev+0xff/0x3c0
[ 3474.685672]  ? finish_unfinished+0x1120/0x1120
[ 3474.690279]  get_super_block+0x35/0x40
[ 3474.694175]  mount_fs+0x106/0x3ff
[ 3474.697640]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3474.702144]  ? __init_waitqueue_head+0x36/0x90
[ 3474.706741]  vfs_kern_mount.part.0+0x6f/0x410
[ 3474.711263]  do_mount+0x581/0x2d30
[ 3474.714812]  ? finish_automount+0x461/0x490
[ 3474.719145]  ? copy_mount_string+0x40/0x40
[ 3474.723383]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3474.728235]  ? _copy_from_user+0xdd/0x150
[ 3474.732400]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3474.737932]  ? copy_mount_options+0x30e/0x440
[ 3474.742413]  ksys_mount+0xdb/0x150
[ 3474.745935]  __x64_sys_mount+0xbe/0x150
[ 3474.749894]  do_syscall_64+0x103/0x610
[ 3474.753765]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3474.758935] RIP: 0033:0x45a8aa
[ 3474.762108] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3474.780989] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3474.788681] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3474.795934] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3474.803184] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3474.810434] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3474.817692] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:43 executing program 1 (fault-call:0 fault-nth:64):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:43 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x88a8ffff00000000}, 0x0)

18:27:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:43 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:43 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf#\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:43 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3475.019030] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.019866] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:43 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x9effffff00000000}, 0x0)

[ 3475.110684] FAULT_INJECTION: forcing a failure.
[ 3475.110684] name failslab, interval 1, probability 0, space 0, times 0
[ 3475.140673] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.141417] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.194893] CPU: 1 PID: 9253 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3475.210341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3475.219693] Call Trace:
[ 3475.222287]  dump_stack+0x172/0x1f0
[ 3475.225924]  should_fail.cold+0xa/0x1b
[ 3475.229825]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3475.234932]  ? lock_downgrade+0x810/0x810
[ 3475.239091]  ? ___might_sleep+0x163/0x280
[ 3475.243261]  __should_failslab+0x121/0x190
[ 3475.247504]  should_failslab+0x9/0x14
[ 3475.251313]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3475.255992]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3475.261105]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3475.266041]  __list_lru_init+0x3d3/0x6e0
[ 3475.270113]  sget_userns+0x84d/0xd30
[ 3475.273834]  ? kill_litter_super+0x60/0x60
[ 3475.278073]  ? ns_test_super+0x50/0x50
[ 3475.281972]  ? ns_test_super+0x50/0x50
[ 3475.285862]  ? kill_litter_super+0x60/0x60
[ 3475.290102]  sget+0x10c/0x150
18:27:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:43 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xf0ffffff00000000}, 0x0)

[ 3475.293224]  mount_bdev+0xff/0x3c0
[ 3475.296766]  ? finish_unfinished+0x1120/0x1120
[ 3475.301355]  get_super_block+0x35/0x40
[ 3475.305249]  mount_fs+0x106/0x3ff
[ 3475.308704]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3475.313205]  ? __init_waitqueue_head+0x36/0x90
[ 3475.317774]  vfs_kern_mount.part.0+0x6f/0x410
[ 3475.322255]  do_mount+0x581/0x2d30
[ 3475.325790]  ? finish_automount+0x461/0x490
[ 3475.330108]  ? copy_mount_string+0x40/0x40
[ 3475.334330]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3475.339162]  ? _copy_from_user+0xdd/0x150
[ 3475.343296]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3475.348825]  ? copy_mount_options+0x30e/0x440
[ 3475.353315]  ksys_mount+0xdb/0x150
[ 3475.356955]  __x64_sys_mount+0xbe/0x150
[ 3475.360916]  do_syscall_64+0x103/0x610
[ 3475.364807]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3475.369987] RIP: 0033:0x45a8aa
[ 3475.373166] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3475.392060] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3475.399749] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3475.407226] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3475.414488] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3475.421742] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3475.428997] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:43 executing program 1 (fault-call:0 fault-nth:65):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:43 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:43 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfe01000000000000}, 0x0)

18:27:43 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3475.508771] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.512999] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:44 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf%\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:44 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xffffff7f00000000}, 0x0)

18:27:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:44 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3475.682716] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.683476] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.737943] FAULT_INJECTION: forcing a failure.
[ 3475.737943] name failslab, interval 1, probability 0, space 0, times 0
[ 3475.810926] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.819967] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3475.851269] CPU: 0 PID: 9309 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3475.858386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3475.858392] Call Trace:
[ 3475.858422]  dump_stack+0x172/0x1f0
[ 3475.858444]  should_fail.cold+0xa/0x1b
[ 3475.858463]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3475.858478]  ? lock_downgrade+0x810/0x810
[ 3475.858495]  ? ___might_sleep+0x163/0x280
[ 3475.858517]  __should_failslab+0x121/0x190
[ 3475.858535]  should_failslab+0x9/0x14
[ 3475.858548]  __kmalloc+0x2dc/0x740
[ 3475.858564]  ? __list_lru_init+0xd5/0x6e0
[ 3475.906999]  __list_lru_init+0xd5/0x6e0
[ 3475.910991]  sget_userns+0x84d/0xd30
[ 3475.914715]  ? kill_litter_super+0x60/0x60
[ 3475.918953]  ? ns_test_super+0x50/0x50
[ 3475.922847]  ? ns_test_super+0x50/0x50
[ 3475.926731]  ? kill_litter_super+0x60/0x60
[ 3475.926747]  sget+0x10c/0x150
[ 3475.926764]  mount_bdev+0xff/0x3c0
[ 3475.926781]  ? finish_unfinished+0x1120/0x1120
[ 3475.934098]  get_super_block+0x35/0x40
[ 3475.934113]  mount_fs+0x106/0x3ff
[ 3475.934130]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3475.954017]  ? __init_waitqueue_head+0x36/0x90
[ 3475.958612]  vfs_kern_mount.part.0+0x6f/0x410
[ 3475.963109]  do_mount+0x581/0x2d30
[ 3475.963123]  ? finish_automount+0x461/0x490
[ 3475.963150]  ? copy_mount_string+0x40/0x40
[ 3475.970979]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3475.970999]  ? _copy_from_user+0xdd/0x150
[ 3475.971017]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3475.989708]  ? copy_mount_options+0x30e/0x440
[ 3475.994211]  ksys_mount+0xdb/0x150
[ 3475.997748]  __x64_sys_mount+0xbe/0x150
[ 3476.001720]  do_syscall_64+0x103/0x610
[ 3476.005615]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3476.010805] RIP: 0033:0x45a8aa
18:27:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0xfffffffffffff000}, 0x0)

18:27:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3476.014000] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3476.032901] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3476.040609] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3476.047879] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3476.055162] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3476.062432] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3476.069700] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:44 executing program 1 (fault-call:0 fault-nth:66):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:44 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:44 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x2}, 0x0)

[ 3476.268623] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3476.290991] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:44 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf*\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:44 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:44 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x3}, 0x0)

18:27:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3476.305029] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3476.340474] FAULT_INJECTION: forcing a failure.
[ 3476.340474] name failslab, interval 1, probability 0, space 0, times 0
[ 3476.402074] CPU: 1 PID: 9366 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3476.409233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3476.418589] Call Trace:
[ 3476.421193]  dump_stack+0x172/0x1f0
[ 3476.421412] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3476.424829]  should_fail.cold+0xa/0x1b
[ 3476.424850]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3476.424873]  ? lock_downgrade+0x810/0x810
[ 3476.424892]  ? ___might_sleep+0x163/0x280
[ 3476.424910]  __should_failslab+0x121/0x190
[ 3476.424928]  should_failslab+0x9/0x14
[ 3476.455545]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3476.460225]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3476.465340]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3476.470285]  __list_lru_init+0x3d3/0x6e0
[ 3476.474358]  sget_userns+0x84d/0xd30
[ 3476.478076]  ? kill_litter_super+0x60/0x60
[ 3476.482327]  ? ns_test_super+0x50/0x50
[ 3476.486217]  ? ns_test_super+0x50/0x50
[ 3476.490111]  ? kill_litter_super+0x60/0x60
[ 3476.494350]  sget+0x10c/0x150
[ 3476.497460]  mount_bdev+0xff/0x3c0
[ 3476.501004]  ? finish_unfinished+0x1120/0x1120
[ 3476.505597]  get_super_block+0x35/0x40
[ 3476.509492]  mount_fs+0x106/0x3ff
[ 3476.512949]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3476.517449]  ? __init_waitqueue_head+0x36/0x90
[ 3476.522038]  vfs_kern_mount.part.0+0x6f/0x410
[ 3476.526545]  do_mount+0x581/0x2d30
[ 3476.530105]  ? finish_automount+0x461/0x490
[ 3476.534436]  ? copy_mount_string+0x40/0x40
[ 3476.538675]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3476.543533]  ? _copy_from_user+0xdd/0x150
18:27:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:44 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:44 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3476.547689]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3476.553232]  ? copy_mount_options+0x30e/0x440
[ 3476.557738]  ksys_mount+0xdb/0x150
[ 3476.561287]  __x64_sys_mount+0xbe/0x150
[ 3476.565274]  do_syscall_64+0x103/0x610
[ 3476.569172]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3476.574362] RIP: 0033:0x45a8aa
[ 3476.574378] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3476.574386] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3476.574400] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3476.574409] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3476.574417] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3476.574424] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3476.574432] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:45 executing program 1 (fault-call:0 fault-nth:67):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:45 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x4}, 0x0)

18:27:45 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3476.721205] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3476.740740] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3476.790002] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3476.814807] FAULT_INJECTION: forcing a failure.
[ 3476.814807] name failslab, interval 1, probability 0, space 0, times 0
[ 3476.874405] CPU: 1 PID: 9402 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3476.881560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3476.890920] Call Trace:
[ 3476.893525]  dump_stack+0x172/0x1f0
[ 3476.897164]  should_fail.cold+0xa/0x1b
[ 3476.901082]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3476.906202]  ? lock_downgrade+0x810/0x810
[ 3476.910367]  ? ___might_sleep+0x163/0x280
[ 3476.914530]  __should_failslab+0x121/0x190
[ 3476.918773]  should_failslab+0x9/0x14
[ 3476.922582]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3476.927263]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3476.932379]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3476.937318]  __list_lru_init+0x3d3/0x6e0
[ 3476.941397]  sget_userns+0x84d/0xd30
[ 3476.945118]  ? kill_litter_super+0x60/0x60
[ 3476.949365]  ? ns_test_super+0x50/0x50
[ 3476.951959] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3476.953259]  ? ns_test_super+0x50/0x50
[ 3476.959544] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3476.965450]  ? kill_litter_super+0x60/0x60
[ 3476.977991]  sget+0x10c/0x150
[ 3476.981105]  mount_bdev+0xff/0x3c0
[ 3476.984653]  ? finish_unfinished+0x1120/0x1120
[ 3476.989245]  get_super_block+0x35/0x40
[ 3476.993142]  mount_fs+0x106/0x3ff
[ 3476.996600]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3477.001110]  ? __init_waitqueue_head+0x36/0x90
[ 3477.005706]  vfs_kern_mount.part.0+0x6f/0x410
[ 3477.010211]  do_mount+0x581/0x2d30
[ 3477.013761]  ? finish_automount+0x461/0x490
[ 3477.018099]  ? copy_mount_string+0x40/0x40
[ 3477.022337]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3477.027186]  ? _copy_from_user+0xdd/0x150
[ 3477.031341]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3477.036887]  ? copy_mount_options+0x30e/0x440
[ 3477.041401]  ksys_mount+0xdb/0x150
[ 3477.044943]  __x64_sys_mount+0xbe/0x150
[ 3477.048906]  do_syscall_64+0x103/0x610
[ 3477.052781]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3477.057955] RIP: 0033:0x45a8aa
[ 3477.061130] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3477.080016] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3477.087716] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3477.094977] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3477.102246] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3477.109506] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3477.116762] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:45 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf+\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:45 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:45 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x5}, 0x0)

18:27:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:45 executing program 1 (fault-call:0 fault-nth:68):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3477.324914] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3477.331725] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3477.332543] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:45 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3477.393945] FAULT_INJECTION: forcing a failure.
[ 3477.393945] name failslab, interval 1, probability 0, space 0, times 0
18:27:45 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3477.441397] CPU: 0 PID: 9436 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3477.448547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3477.457900] Call Trace:
[ 3477.460507]  dump_stack+0x172/0x1f0
[ 3477.464152]  should_fail.cold+0xa/0x1b
[ 3477.468068]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3477.473173]  ? lock_downgrade+0x810/0x810
[ 3477.477308]  ? ___might_sleep+0x163/0x280
[ 3477.481444]  __should_failslab+0x121/0x190
[ 3477.485666]  should_failslab+0x9/0x14
[ 3477.489454]  __kmalloc+0x2dc/0x740
[ 3477.492985]  ? __list_lru_init+0xd5/0x6e0
[ 3477.497125]  __list_lru_init+0xd5/0x6e0
[ 3477.501101]  sget_userns+0x84d/0xd30
[ 3477.504803]  ? kill_litter_super+0x60/0x60
[ 3477.509032]  ? ns_test_super+0x50/0x50
[ 3477.512904]  ? ns_test_super+0x50/0x50
[ 3477.516777]  ? kill_litter_super+0x60/0x60
[ 3477.521004]  sget+0x10c/0x150
[ 3477.524110]  mount_bdev+0xff/0x3c0
[ 3477.527644]  ? finish_unfinished+0x1120/0x1120
[ 3477.532214]  get_super_block+0x35/0x40
[ 3477.536083]  mount_fs+0x106/0x3ff
[ 3477.539520]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3477.543999]  ? __init_waitqueue_head+0x36/0x90
[ 3477.548588]  vfs_kern_mount.part.0+0x6f/0x410
[ 3477.553089]  do_mount+0x581/0x2d30
[ 3477.556621]  ? finish_automount+0x461/0x490
[ 3477.560927]  ? copy_mount_string+0x40/0x40
[ 3477.565146]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3477.570217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3477.575740]  ? copy_mount_options+0x30e/0x440
[ 3477.580220]  ksys_mount+0xdb/0x150
[ 3477.583746]  __x64_sys_mount+0xbe/0x150
[ 3477.587708]  do_syscall_64+0x103/0x610
[ 3477.591584]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3477.596755] RIP: 0033:0x45a8aa
[ 3477.599939] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3477.618835] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3477.626537] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3477.633788] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
18:27:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6}, 0x0)

[ 3477.641038] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3477.648292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3477.655549] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3477.777577] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3477.793722] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3477.803768] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:46 executing program 1 (fault-call:0 fault-nth:69):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:46 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf-\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x7}, 0x0)

18:27:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3478.019897] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3478.042349] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.045569] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.051981] FAULT_INJECTION: forcing a failure.
[ 3478.051981] name failslab, interval 1, probability 0, space 0, times 0
[ 3478.092359] CPU: 0 PID: 9478 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3478.092370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3478.108835] Call Trace:
[ 3478.108855]  dump_stack+0x172/0x1f0
[ 3478.108874]  should_fail.cold+0xa/0x1b
[ 3478.118942]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3478.124065]  ? lock_downgrade+0x810/0x810
[ 3478.124082]  ? ___might_sleep+0x163/0x280
[ 3478.124103]  __should_failslab+0x121/0x190
[ 3478.132367]  should_failslab+0x9/0x14
18:27:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3478.140372]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3478.145047]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3478.150164]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3478.155105]  __list_lru_init+0x3d3/0x6e0
[ 3478.159178]  sget_userns+0x84d/0xd30
[ 3478.162890]  ? kill_litter_super+0x60/0x60
[ 3478.167133]  ? ns_test_super+0x50/0x50
[ 3478.171025]  ? ns_test_super+0x50/0x50
[ 3478.174914]  ? kill_litter_super+0x60/0x60
[ 3478.179150]  sget+0x10c/0x150
[ 3478.182260]  mount_bdev+0xff/0x3c0
[ 3478.185805]  ? finish_unfinished+0x1120/0x1120
[ 3478.190397]  get_super_block+0x35/0x40
[ 3478.194285]  mount_fs+0x106/0x3ff
[ 3478.197739]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3478.202246]  ? __init_waitqueue_head+0x36/0x90
[ 3478.206838]  vfs_kern_mount.part.0+0x6f/0x410
[ 3478.211345]  do_mount+0x581/0x2d30
[ 3478.214899]  ? copy_mount_string+0x40/0x40
[ 3478.219147]  ? copy_mount_options+0x248/0x440
[ 3478.223644]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3478.225803] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3478.226495] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.229183]  ? copy_mount_options+0x30e/0x440
[ 3478.229204]  ksys_mount+0xdb/0x150
[ 3478.229229]  __x64_sys_mount+0xbe/0x150
[ 3478.257820]  do_syscall_64+0x103/0x610
[ 3478.257839]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3478.257852] RIP: 0033:0x45a8aa
[ 3478.266903] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3478.266911] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3478.266925] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3478.266934] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3478.266954] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3478.294765] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.295499] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.296702] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x8}, 0x0)

[ 3478.296710] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3478.390470] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:46 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:46 executing program 1 (fault-call:0 fault-nth:70):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:46 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf.\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:46 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xa}, 0x0)

[ 3478.581151] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3478.583665] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3478.632780] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3478.650259] FAULT_INJECTION: forcing a failure.
[ 3478.650259] name failslab, interval 1, probability 0, space 0, times 0
[ 3478.662809] CPU: 0 PID: 9544 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3478.669939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3478.679288] Call Trace:
[ 3478.681878]  dump_stack+0x172/0x1f0
[ 3478.685521]  should_fail.cold+0xa/0x1b
[ 3478.689419]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3478.694532]  ? lock_downgrade+0x810/0x810
[ 3478.698691]  ? ___might_sleep+0x163/0x280
[ 3478.702853]  __should_failslab+0x121/0x190
[ 3478.707094]  should_failslab+0x9/0x14
[ 3478.710897]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3478.715591]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3478.720704]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3478.725645]  __list_lru_init+0x3d3/0x6e0
[ 3478.729711]  sget_userns+0x84d/0xd30
[ 3478.733431]  ? kill_litter_super+0x60/0x60
[ 3478.737672]  ? ns_test_super+0x50/0x50
[ 3478.741560]  ? ns_test_super+0x50/0x50
[ 3478.741575]  ? kill_litter_super+0x60/0x60
[ 3478.741590]  sget+0x10c/0x150
[ 3478.741611]  mount_bdev+0xff/0x3c0
[ 3478.752800]  ? finish_unfinished+0x1120/0x1120
[ 3478.752821]  get_super_block+0x35/0x40
[ 3478.752836]  mount_fs+0x106/0x3ff
[ 3478.752853]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3478.772752]  ? __init_waitqueue_head+0x36/0x90
[ 3478.777345]  vfs_kern_mount.part.0+0x6f/0x410
[ 3478.781850]  do_mount+0x581/0x2d30
[ 3478.785392]  ? finish_automount+0x461/0x490
[ 3478.789719]  ? copy_mount_string+0x40/0x40
[ 3478.793961]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3478.798814]  ? _copy_from_user+0xdd/0x150
[ 3478.802972]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3478.808517]  ? copy_mount_options+0x30e/0x440
[ 3478.813018]  ksys_mount+0xdb/0x150
[ 3478.816567]  __x64_sys_mount+0xbe/0x150
[ 3478.820550]  do_syscall_64+0x103/0x610
18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3478.824443]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3478.829634] RIP: 0033:0x45a8aa
[ 3478.832829] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3478.851732] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3478.859441] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3478.866707] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xc}, 0x0)

18:27:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:47 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3478.873975] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3478.881245] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3478.888516] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3478.970130] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:47 executing program 1 (fault-call:0 fault-nth:71):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:47 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\a', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x3a0}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3478.974347] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.056711] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3479.120767] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.121646] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:47 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserf0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xe}, 0x0)

18:27:47 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x20000197}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3479.263700] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3479.298676] FAULT_INJECTION: forcing a failure.
[ 3479.298676] name failslab, interval 1, probability 0, space 0, times 0
[ 3479.319023] CPU: 1 PID: 9603 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3479.326154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3479.335504] Call Trace:
[ 3479.335527]  dump_stack+0x172/0x1f0
[ 3479.335548]  should_fail.cold+0xa/0x1b
[ 3479.345631]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3479.350742]  ? lock_downgrade+0x810/0x810
[ 3479.354911]  ? ___might_sleep+0x163/0x280
[ 3479.359071]  __should_failslab+0x121/0x190
[ 3479.363321]  should_failslab+0x9/0x14
[ 3479.367128]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3479.371808]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3479.376923]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3479.381878]  __list_lru_init+0x3d3/0x6e0
[ 3479.385952]  sget_userns+0x84d/0xd30
[ 3479.389673]  ? kill_litter_super+0x60/0x60
[ 3479.393916]  ? ns_test_super+0x50/0x50
[ 3479.394147] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.394901] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.397808]  ? ns_test_super+0x50/0x50
[ 3479.397823]  ? kill_litter_super+0x60/0x60
[ 3479.397838]  sget+0x10c/0x150
[ 3479.397871]  mount_bdev+0xff/0x3c0
[ 3479.429441]  ? finish_unfinished+0x1120/0x1120
[ 3479.434032]  get_super_block+0x35/0x40
[ 3479.437926]  mount_fs+0x106/0x3ff
[ 3479.441388]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3479.445899]  ? __init_waitqueue_head+0x36/0x90
[ 3479.450493]  vfs_kern_mount.part.0+0x6f/0x410
[ 3479.454999]  do_mount+0x581/0x2d30
[ 3479.458550]  ? finish_automount+0x461/0x490
[ 3479.462889]  ? copy_mount_string+0x40/0x40
[ 3479.467126]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3479.471980]  ? _copy_from_user+0xdd/0x150
[ 3479.476134]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3479.481672]  ? copy_mount_options+0x30e/0x440
[ 3479.486180]  ksys_mount+0xdb/0x150
[ 3479.489725]  __x64_sys_mount+0xbe/0x150
[ 3479.489745]  do_syscall_64+0x103/0x610
[ 3479.489763]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3479.497592] RIP: 0033:0x45a8aa
18:27:47 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:47 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x7ffff000}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:47 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf}, 0x0)

[ 3479.497612] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3479.497624] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3479.532558] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3479.539819] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3479.539828] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3479.539836] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3479.539854] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:48 executing program 1 (fault-call:0 fault-nth:72):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:48 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3479.607470] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3479.630328] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.631088] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:48 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x10}, 0x0)

18:27:48 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfK\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x60c}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:48 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\a\xff\xff\xfe', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:48 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:48 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x48}, 0x0)

[ 3479.795661] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3479.903753] FAULT_INJECTION: forcing a failure.
[ 3479.903753] name failslab, interval 1, probability 0, space 0, times 0
[ 3479.921051] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.946665] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3479.965086] CPU: 1 PID: 9652 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3479.980517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3479.989868] Call Trace:
[ 3479.992464]  dump_stack+0x172/0x1f0
[ 3479.996110]  should_fail.cold+0xa/0x1b
[ 3480.000005]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3480.005107]  ? lock_downgrade+0x810/0x810
[ 3480.005125]  ? ___might_sleep+0x163/0x280
[ 3480.005147]  __should_failslab+0x121/0x190
[ 3480.005163]  should_failslab+0x9/0x14
[ 3480.005175]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3480.005191]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3480.013469]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3480.013488]  __list_lru_init+0x3d3/0x6e0
[ 3480.013509]  sget_userns+0x84d/0xd30
[ 3480.013524]  ? kill_litter_super+0x60/0x60
[ 3480.013541]  ? ns_test_super+0x50/0x50
[ 3480.013557]  ? ns_test_super+0x50/0x50
[ 3480.021564]  ? kill_litter_super+0x60/0x60
[ 3480.021582]  sget+0x10c/0x150
[ 3480.036237]  mount_bdev+0xff/0x3c0
[ 3480.036254]  ? finish_unfinished+0x1120/0x1120
[ 3480.036273]  get_super_block+0x35/0x40
[ 3480.036288]  mount_fs+0x106/0x3ff
[ 3480.036304]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3480.078710]  ? __init_waitqueue_head+0x36/0x90
[ 3480.078734]  vfs_kern_mount.part.0+0x6f/0x410
[ 3480.078755]  do_mount+0x581/0x2d30
[ 3480.078770]  ? finish_automount+0x461/0x490
[ 3480.087820]  ? copy_mount_string+0x40/0x40
[ 3480.087835]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3480.087860]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
18:27:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x634}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:48 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:48 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x4c}, 0x0)

[ 3480.087875]  ? copy_mount_options+0x30e/0x440
[ 3480.087895]  ksys_mount+0xdb/0x150
[ 3480.087914]  __x64_sys_mount+0xbe/0x150
[ 3480.126802]  do_syscall_64+0x103/0x610
[ 3480.130698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3480.135888] RIP: 0033:0x45a8aa
[ 3480.139082] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3480.157982] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3480.159926] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.160761] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.165690] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3480.165700] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3480.165709] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3480.165718] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:48 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3480.165727] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3480.292582] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:48 executing program 1 (fault-call:0 fault-nth:73):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x200006f0}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:48 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:48 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfX\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:48 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x60}, 0x0)

18:27:48 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:48 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3480.401966] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.402787] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.520811] FAULT_INJECTION: forcing a failure.
[ 3480.520811] name failslab, interval 1, probability 0, space 0, times 0
[ 3480.544463] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3480.563047] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.571048] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.594195] CPU: 1 PID: 9713 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3480.607618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3480.607624] Call Trace:
18:27:49 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3480.607648]  dump_stack+0x172/0x1f0
[ 3480.607670]  should_fail.cold+0xa/0x1b
[ 3480.607688]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3480.607702]  ? lock_downgrade+0x810/0x810
[ 3480.607723]  ? ___might_sleep+0x163/0x280
[ 3480.640487]  __should_failslab+0x121/0x190
[ 3480.644733]  should_failslab+0x9/0x14
[ 3480.648548]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3480.653220]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3480.658332]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3480.663273]  __list_lru_init+0x3d3/0x6e0
[ 3480.667341]  sget_userns+0x84d/0xd30
[ 3480.671057]  ? kill_litter_super+0x60/0x60
[ 3480.675291]  ? ns_test_super+0x50/0x50
[ 3480.675308]  ? ns_test_super+0x50/0x50
[ 3480.675322]  ? kill_litter_super+0x60/0x60
[ 3480.675337]  sget+0x10c/0x150
[ 3480.675356]  mount_bdev+0xff/0x3c0
[ 3480.675369]  ? finish_unfinished+0x1120/0x1120
[ 3480.675387]  get_super_block+0x35/0x40
[ 3480.683131]  mount_fs+0x106/0x3ff
[ 3480.705847]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3480.710347]  ? __init_waitqueue_head+0x36/0x90
[ 3480.714946]  vfs_kern_mount.part.0+0x6f/0x410
18:27:49 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x68}, 0x0)

[ 3480.719445]  do_mount+0x581/0x2d30
[ 3480.722987]  ? finish_automount+0x461/0x490
[ 3480.727320]  ? copy_mount_string+0x40/0x40
[ 3480.731563]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3480.736418]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3480.741963]  ? copy_mount_options+0x30e/0x440
[ 3480.746460]  ksys_mount+0xdb/0x150
[ 3480.746479]  __x64_sys_mount+0xbe/0x150
[ 3480.746502]  do_syscall_64+0x103/0x610
[ 3480.753987]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3480.753999] RIP: 0033:0x45a8aa
18:27:49 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3480.754013] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3480.754021] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3480.754034] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3480.754041] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3480.754052] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3480.799558] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:49 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x7fffeea9}, {&(0x7f0000000fc0)=""/4096, 0x24}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3480.800105] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3480.800115] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3480.837287] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3480.893785] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3480.908463] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:49 executing program 1 (fault-call:0 fault-nth:74):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:49 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6c}, 0x0)

18:27:49 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:49 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:49 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfa\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3481.112851] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3481.135433] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3481.136809] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:49 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:49 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x74}, 0x0)

18:27:49 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3481.267014] FAULT_INJECTION: forcing a failure.
[ 3481.267014] name failslab, interval 1, probability 0, space 0, times 0
18:27:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x25}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3481.322212] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3481.334071] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3481.334862] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3481.343838] CPU: 1 PID: 9791 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3481.359249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3481.359255] Call Trace:
[ 3481.359278]  dump_stack+0x172/0x1f0
[ 3481.359300]  should_fail.cold+0xa/0x1b
[ 3481.359318]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3481.359332]  ? lock_downgrade+0x810/0x810
[ 3481.359349]  ? ___might_sleep+0x163/0x280
[ 3481.392109]  __should_failslab+0x121/0x190
[ 3481.396351]  should_failslab+0x9/0x14
[ 3481.400192]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3481.405111]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3481.410226]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3481.415164]  __list_lru_init+0x3d3/0x6e0
[ 3481.419239]  sget_userns+0x84d/0xd30
18:27:49 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x7a}, 0x0)

18:27:49 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3481.422960]  ? kill_litter_super+0x60/0x60
[ 3481.427203]  ? ns_test_super+0x50/0x50
[ 3481.431096]  ? ns_test_super+0x50/0x50
[ 3481.434983]  ? kill_litter_super+0x60/0x60
[ 3481.434998]  sget+0x10c/0x150
[ 3481.435017]  mount_bdev+0xff/0x3c0
[ 3481.435032]  ? finish_unfinished+0x1120/0x1120
[ 3481.435050]  get_super_block+0x35/0x40
[ 3481.435066]  mount_fs+0x106/0x3ff
[ 3481.442384]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3481.462257]  ? __init_waitqueue_head+0x36/0x90
[ 3481.466851]  vfs_kern_mount.part.0+0x6f/0x410
[ 3481.471357]  do_mount+0x581/0x2d30
[ 3481.474910]  ? copy_mount_string+0x40/0x40
[ 3481.479151]  ? copy_mount_options+0x255/0x440
[ 3481.483653]  ? __sanitizer_cov_trace_pc+0x50/0x50
[ 3481.488517]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3481.494053]  ? copy_mount_options+0x30e/0x440
[ 3481.494073]  ksys_mount+0xdb/0x150
[ 3481.494091]  __x64_sys_mount+0xbe/0x150
[ 3481.494109]  do_syscall_64+0x103/0x610
[ 3481.494126]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3481.494136] RIP: 0033:0x45a8aa
[ 3481.494150] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3481.494158] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3481.537249] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3481.552224] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3481.559492] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3481.566758] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3481.566767] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3481.599587] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3481.607228] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3481.608109] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:50 executing program 1 (fault-call:0 fault-nth:75):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x34}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:50 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:50 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf0}, 0x0)

18:27:50 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfb\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3481.870106] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3481.877898] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xb8}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:50 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3481.878755] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3481.959502] FAULT_INJECTION: forcing a failure.
[ 3481.959502] name failslab, interval 1, probability 0, space 0, times 0
[ 3481.978440] CPU: 0 PID: 9844 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3481.985600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3481.994956] Call Trace:
[ 3481.997549]  dump_stack+0x172/0x1f0
[ 3482.001182]  should_fail.cold+0xa/0x1b
[ 3482.005078]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3482.010186]  ? lock_downgrade+0x810/0x810
[ 3482.014333]  ? ___might_sleep+0x163/0x280
[ 3482.018483]  __should_failslab+0x121/0x190
[ 3482.022720]  should_failslab+0x9/0x14
[ 3482.026517]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3482.031182]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3482.036288]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3482.041219]  __list_lru_init+0x3d3/0x6e0
[ 3482.045281]  sget_userns+0x84d/0xd30
[ 3482.048992]  ? kill_litter_super+0x60/0x60
[ 3482.053225]  ? ns_test_super+0x50/0x50
[ 3482.057108]  ? ns_test_super+0x50/0x50
[ 3482.060989]  ? kill_litter_super+0x60/0x60
[ 3482.065224]  sget+0x10c/0x150
[ 3482.068334]  mount_bdev+0xff/0x3c0
[ 3482.071876]  ? finish_unfinished+0x1120/0x1120
[ 3482.076468]  get_super_block+0x35/0x40
[ 3482.080357]  mount_fs+0x106/0x3ff
[ 3482.083810]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3482.088301]  ? __init_waitqueue_head+0x36/0x90
[ 3482.092892]  vfs_kern_mount.part.0+0x6f/0x410
[ 3482.097388]  do_mount+0x581/0x2d30
[ 3482.100928]  ? finish_automount+0x461/0x490
[ 3482.105257]  ? copy_mount_string+0x40/0x40
[ 3482.109488]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3482.114332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3482.119863]  ? copy_mount_options+0x30e/0x440
[ 3482.124363]  ksys_mount+0xdb/0x150
[ 3482.127909]  __x64_sys_mount+0xbe/0x150
[ 3482.131882]  do_syscall_64+0x103/0x610
[ 3482.135774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3482.140959] RIP: 0033:0x45a8aa
[ 3482.144147] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3482.163043] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3482.170744] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
18:27:50 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x1fe}, 0x0)

18:27:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3482.178009] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3482.185273] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3482.192553] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3482.199814] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3482.278383] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:50 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfc\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x184}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3482.338066] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3482.339124] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:50 executing program 1 (fault-call:0 fault-nth:76):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:50 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:50 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x300}, 0x0)

18:27:50 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1b0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:50 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:51 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x500}, 0x0)

[ 3482.593766] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3482.600689] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3482.601983] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:51 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x228}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3482.739409] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3482.748777] FAULT_INJECTION: forcing a failure.
[ 3482.748777] name failslab, interval 1, probability 0, space 0, times 0
[ 3482.760211] CPU: 1 PID: 9909 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3482.767319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3482.776675] Call Trace:
[ 3482.776698]  dump_stack+0x172/0x1f0
[ 3482.776720]  should_fail.cold+0xa/0x1b
18:27:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:51 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfd\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

[ 3482.786796]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3482.791894]  ? lock_downgrade+0x810/0x810
[ 3482.796053]  ? ___might_sleep+0x163/0x280
[ 3482.800215]  __should_failslab+0x121/0x190
[ 3482.804463]  should_failslab+0x9/0x14
[ 3482.808273]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3482.812955]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3482.818076]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3482.823023]  __list_lru_init+0x3d3/0x6e0
[ 3482.827098]  sget_userns+0x84d/0xd30
[ 3482.830817]  ? kill_litter_super+0x60/0x60
[ 3482.835057]  ? ns_test_super+0x50/0x50
[ 3482.838937]  ? ns_test_super+0x50/0x50
[ 3482.842820]  ? kill_litter_super+0x60/0x60
[ 3482.847056]  sget+0x10c/0x150
[ 3482.850171]  mount_bdev+0xff/0x3c0
[ 3482.853717]  ? finish_unfinished+0x1120/0x1120
[ 3482.858314]  get_super_block+0x35/0x40
[ 3482.862211]  mount_fs+0x106/0x3ff
[ 3482.865677]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3482.870179]  ? __init_waitqueue_head+0x36/0x90
[ 3482.874776]  vfs_kern_mount.part.0+0x6f/0x410
[ 3482.879282]  do_mount+0x581/0x2d30
[ 3482.882832]  ? finish_automount+0x461/0x490
18:27:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x3a0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3482.887157]  ? copy_mount_string+0x40/0x40
[ 3482.891398]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3482.896246]  ? _copy_from_user+0xdd/0x150
[ 3482.900405]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3482.905944]  ? copy_mount_options+0x30e/0x440
[ 3482.910450]  ksys_mount+0xdb/0x150
[ 3482.913996]  __x64_sys_mount+0xbe/0x150
[ 3482.917974]  do_syscall_64+0x103/0x610
[ 3482.921867]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3482.927067] RIP: 0033:0x45a8aa
[ 3482.930261] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3482.949161] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3482.956861] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3482.964127] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3482.971389] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3482.978651] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3482.985913] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:51 executing program 1 (fault-call:0 fault-nth:77):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:51 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:51 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x600}, 0x0)

18:27:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3483.228267] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:51 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfh\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:51 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x700}, 0x0)

18:27:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x3cc}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3483.270314] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.271089] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:51 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3483.360665] FAULT_INJECTION: forcing a failure.
[ 3483.360665] name failslab, interval 1, probability 0, space 0, times 0
[ 3483.435972] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3483.462195] CPU: 0 PID: 9952 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3483.469337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:27:51 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3483.478618] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.478692] Call Trace:
[ 3483.480673] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.489591]  dump_stack+0x172/0x1f0
[ 3483.501547]  should_fail.cold+0xa/0x1b
[ 3483.505448]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3483.510563]  ? lock_downgrade+0x810/0x810
[ 3483.510581]  ? ___might_sleep+0x163/0x280
[ 3483.510603]  __should_failslab+0x121/0x190
[ 3483.510620]  should_failslab+0x9/0x14
[ 3483.510635]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3483.518912]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3483.518934]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3483.518954]  __list_lru_init+0x3d3/0x6e0
[ 3483.518975]  sget_userns+0x84d/0xd30
[ 3483.518991]  ? kill_litter_super+0x60/0x60
[ 3483.553614]  ? ns_test_super+0x50/0x50
[ 3483.557521]  ? ns_test_super+0x50/0x50
[ 3483.561416]  ? kill_litter_super+0x60/0x60
[ 3483.565656]  sget+0x10c/0x150
[ 3483.568977]  mount_bdev+0xff/0x3c0
[ 3483.572173] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.572536]  ? finish_unfinished+0x1120/0x1120
18:27:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x41c}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:52 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3483.572880] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.585430]  get_super_block+0x35/0x40
[ 3483.593746]  mount_fs+0x106/0x3ff
[ 3483.593770]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3483.593786]  ? __init_waitqueue_head+0x36/0x90
[ 3483.593805]  vfs_kern_mount.part.0+0x6f/0x410
[ 3483.601121]  do_mount+0x581/0x2d30
[ 3483.618184]  ? finish_automount+0x461/0x490
[ 3483.622519]  ? copy_mount_string+0x40/0x40
[ 3483.622536]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3483.622556]  ? _copy_from_user+0xdd/0x150
[ 3483.622575]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3483.622590]  ? copy_mount_options+0x30e/0x440
[ 3483.645785]  ksys_mount+0xdb/0x150
[ 3483.645804]  __x64_sys_mount+0xbe/0x150
[ 3483.645825]  do_syscall_64+0x103/0x610
[ 3483.645843]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3483.645856] RIP: 0033:0x45a8aa
[ 3483.665581] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3483.684484] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3483.692205] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3483.692768] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.693552] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.699471] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3483.699480] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3483.699488] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3483.699506] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:52 executing program 1 (fault-call:0 fault-nth:78):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:52 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

18:27:52 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xa00}, 0x0)

18:27:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x5f0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:52 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfi\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:52 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:52 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xc00}, 0x0)

[ 3483.941706] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.942415] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3483.957007] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3484.004873] FAULT_INJECTION: forcing a failure.
[ 3484.004873] name failslab, interval 1, probability 0, space 0, times 0
[ 3484.016575] CPU: 0 PID: 10012 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3484.023769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3484.033116] Call Trace:
[ 3484.035711]  dump_stack+0x172/0x1f0
[ 3484.039349]  should_fail.cold+0xa/0x1b
[ 3484.043243]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3484.048352]  ? lock_downgrade+0x810/0x810
18:27:52 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}, 0x1, 0x0, 0x0, 0x0}, 0x0)

[ 3484.052517]  ? ___might_sleep+0x163/0x280
[ 3484.056677]  __should_failslab+0x121/0x190
[ 3484.060916]  should_failslab+0x9/0x14
[ 3484.060930]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3484.060945]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3484.069830]  __kmalloc_node+0x3d/0x70
[ 3484.069848]  kvmalloc_node+0x68/0x100
[ 3484.069864]  __list_lru_init+0x4aa/0x6e0
[ 3484.086325]  sget_userns+0x84d/0xd30
[ 3484.090050]  ? kill_litter_super+0x60/0x60
[ 3484.094292]  ? ns_test_super+0x50/0x50
[ 3484.098183]  ? ns_test_super+0x50/0x50
18:27:52 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x2)

[ 3484.102084]  ? kill_litter_super+0x60/0x60
[ 3484.106323]  sget+0x10c/0x150
[ 3484.109441]  mount_bdev+0xff/0x3c0
[ 3484.113001]  ? finish_unfinished+0x1120/0x1120
[ 3484.117589]  get_super_block+0x35/0x40
[ 3484.121495]  mount_fs+0x106/0x3ff
[ 3484.124962]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3484.129480]  ? __init_waitqueue_head+0x36/0x90
[ 3484.134074]  vfs_kern_mount.part.0+0x6f/0x410
[ 3484.135225] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3484.138576]  do_mount+0x581/0x2d30
[ 3484.138592]  ? finish_automount+0x461/0x490
18:27:52 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xc15}, 0x0)

[ 3484.138614]  ? copy_mount_string+0x40/0x40
[ 3484.156028]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3484.160879]  ? _copy_from_user+0xdd/0x150
[ 3484.165034]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3484.165049]  ? copy_mount_options+0x30e/0x440
[ 3484.165066]  ksys_mount+0xdb/0x150
[ 3484.175073]  __x64_sys_mount+0xbe/0x150
[ 3484.175093]  do_syscall_64+0x103/0x610
[ 3484.175111]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3484.175124] RIP: 0033:0x45a8aa
[ 3484.194849] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3484.213752] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3484.214484] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3484.221466] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3484.221475] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3484.221485] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3484.221494] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x6bc}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:52 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3484.221502] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3484.305733] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3484.306685] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:52 executing program 1 (fault-call:0 fault-nth:79):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:52 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:52 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x3)

18:27:52 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xe00}, 0x0)

18:27:52 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfk\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x700}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3484.448775] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3484.449569] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3484.469394] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:52 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf00}, 0x0)

18:27:52 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x4)

[ 3484.529369] FAULT_INJECTION: forcing a failure.
[ 3484.529369] name failslab, interval 1, probability 0, space 0, times 0
[ 3484.553751] CPU: 1 PID: 10062 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3484.561091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3484.570566] Call Trace:
[ 3484.573165]  dump_stack+0x172/0x1f0
[ 3484.576805]  should_fail.cold+0xa/0x1b
[ 3484.580698]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3484.585797]  ? lock_downgrade+0x810/0x810
[ 3484.589975]  ? ___might_sleep+0x163/0x280
[ 3484.594129]  __should_failslab+0x121/0x190
[ 3484.598706]  should_failslab+0x9/0x14
[ 3484.602505]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3484.607170]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3484.612277]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3484.617205]  __list_lru_init+0x3d3/0x6e0
[ 3484.621270]  sget_userns+0x84d/0xd30
[ 3484.624981]  ? kill_litter_super+0x60/0x60
18:27:53 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x6)

18:27:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x9a0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3484.629215]  ? ns_test_super+0x50/0x50
[ 3484.633098]  ? ns_test_super+0x50/0x50
[ 3484.636982]  ? kill_litter_super+0x60/0x60
[ 3484.641210]  sget+0x10c/0x150
[ 3484.644314]  mount_bdev+0xff/0x3c0
[ 3484.647836]  ? finish_unfinished+0x1120/0x1120
[ 3484.652414]  get_super_block+0x35/0x40
[ 3484.656391]  mount_fs+0x106/0x3ff
[ 3484.659821]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3484.664306]  ? __init_waitqueue_head+0x36/0x90
[ 3484.668904]  vfs_kern_mount.part.0+0x6f/0x410
[ 3484.673449]  do_mount+0x581/0x2d30
[ 3484.676982]  ? finish_automount+0x461/0x490
[ 3484.681296]  ? copy_mount_string+0x40/0x40
[ 3484.685517]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3484.690347]  ? _copy_from_user+0xdd/0x150
[ 3484.694473]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3484.700004]  ? copy_mount_options+0x30e/0x440
[ 3484.704524]  ksys_mount+0xdb/0x150
[ 3484.708070]  __x64_sys_mount+0xbe/0x150
[ 3484.712024]  do_syscall_64+0x103/0x610
[ 3484.715893]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3484.721064] RIP: 0033:0x45a8aa
[ 3484.724240] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3484.743132] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3484.750813] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3484.758059] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3484.765310] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3484.772577] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3484.779823] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3484.815909] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3484.822581] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:53 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x150c}, 0x0)

18:27:53 executing program 1 (fault-call:0 fault-nth:80):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xb28}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3484.893164] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3484.893877] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:53 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x8)

[ 3484.979314] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xc00}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:53 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfl\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:53 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x2000}, 0x0)

[ 3485.092828] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.097731] FAULT_INJECTION: forcing a failure.
[ 3485.097731] name failslab, interval 1, probability 0, space 0, times 0
[ 3485.118146] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.131619] CPU: 1 PID: 10107 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
18:27:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:53 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xa)

[ 3485.147222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3485.147228] Call Trace:
[ 3485.147250]  dump_stack+0x172/0x1f0
[ 3485.147269]  should_fail.cold+0xa/0x1b
[ 3485.147286]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3485.147301]  ? lock_downgrade+0x810/0x810
[ 3485.147316]  ? ___might_sleep+0x163/0x280
[ 3485.147335]  __should_failslab+0x121/0x190
[ 3485.147350]  should_failslab+0x9/0x14
[ 3485.147364]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3485.192690]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3485.197776]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3485.202684]  __list_lru_init+0x3d3/0x6e0
[ 3485.206723]  sget_userns+0x84d/0xd30
[ 3485.210412]  ? kill_litter_super+0x60/0x60
[ 3485.214634]  ? ns_test_super+0x50/0x50
[ 3485.218507]  ? ns_test_super+0x50/0x50
[ 3485.222377]  ? kill_litter_super+0x60/0x60
[ 3485.226586]  sget+0x10c/0x150
[ 3485.229683]  mount_bdev+0xff/0x3c0
[ 3485.233201]  ? finish_unfinished+0x1120/0x1120
[ 3485.237774]  get_super_block+0x35/0x40
[ 3485.241754]  mount_fs+0x106/0x3ff
[ 3485.245182]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3485.249655]  ? __init_waitqueue_head+0x36/0x90
[ 3485.254225]  vfs_kern_mount.part.0+0x6f/0x410
[ 3485.258706]  do_mount+0x581/0x2d30
[ 3485.262221]  ? finish_automount+0x461/0x490
[ 3485.266519]  ? copy_mount_string+0x40/0x40
[ 3485.270727]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3485.275563]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3485.281084]  ? copy_mount_options+0x30e/0x440
[ 3485.285560]  ksys_mount+0xdb/0x150
[ 3485.289077]  __x64_sys_mount+0xbe/0x150
[ 3485.293026]  do_syscall_64+0x103/0x610
[ 3485.296902]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3485.302071] RIP: 0033:0x45a8aa
[ 3485.305248] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3485.324128] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3485.331810] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3485.339054] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3485.346298] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3485.353550] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3485.360801] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xc48}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3485.443097] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3485.451729] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.452399] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:53 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x4800}, 0x0)

18:27:53 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xc)

18:27:53 executing program 1 (fault-call:0 fault-nth:81):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:53 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xef0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x4c00}, 0x0)

[ 3485.595057] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:54 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xe)

18:27:54 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfo\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:54 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0xf6c}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x5865}, 0x0)

[ 3485.694523] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.698699] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.718546] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3485.774430] FAULT_INJECTION: forcing a failure.
[ 3485.774430] name failslab, interval 1, probability 0, space 0, times 0
18:27:54 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xf)

18:27:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6000}, 0x0)

[ 3485.822381] CPU: 0 PID: 10160 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3485.829594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3485.838937] Call Trace:
[ 3485.841612]  dump_stack+0x172/0x1f0
[ 3485.841650] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3485.845238]  should_fail.cold+0xa/0x1b
[ 3485.845255]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3485.845270]  ? lock_downgrade+0x810/0x810
[ 3485.863702]  ? ___might_sleep+0x163/0x280
18:27:54 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3485.865655] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3485.867853]  __should_failslab+0x121/0x190
[ 3485.880388]  should_failslab+0x9/0x14
[ 3485.884179]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3485.888827]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3485.893907]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3485.898813]  __list_lru_init+0x3d3/0x6e0
[ 3485.902938]  sget_userns+0x84d/0xd30
[ 3485.906626]  ? kill_litter_super+0x60/0x60
[ 3485.910925]  ? ns_test_super+0x50/0x50
[ 3485.914795]  ? ns_test_super+0x50/0x50
[ 3485.918656]  ? kill_litter_super+0x60/0x60
[ 3485.922882]  sget+0x10c/0x150
[ 3485.925969]  mount_bdev+0xff/0x3c0
[ 3485.929488]  ? finish_unfinished+0x1120/0x1120
[ 3485.934046]  get_super_block+0x35/0x40
[ 3485.937910]  mount_fs+0x106/0x3ff
[ 3485.941338]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3485.945811]  ? __init_waitqueue_head+0x36/0x90
[ 3485.950465]  vfs_kern_mount.part.0+0x6f/0x410
[ 3485.955024]  do_mount+0x581/0x2d30
[ 3485.958542]  ? copy_mount_string+0x40/0x40
[ 3485.962749]  ? copy_mount_options+0x223/0x440
[ 3485.967220]  ? __sanitizer_cov_trace_pc+0x50/0x50
[ 3485.972034]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3485.977544]  ? copy_mount_options+0x30e/0x440
[ 3485.982013]  ksys_mount+0xdb/0x150
[ 3485.985528]  __x64_sys_mount+0xbe/0x150
[ 3485.989495]  do_syscall_64+0x103/0x610
[ 3485.993364]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3485.998528] RIP: 0033:0x45a8aa
[ 3486.001698] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3486.020575] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3486.028256] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3486.035500] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3486.042745] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3486.049987] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3486.057228] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3486.127036] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:54 executing program 1 (fault-call:0 fault-nth:82):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:54 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x10)

18:27:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6558}, 0x0)

18:27:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1104}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:54 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3486.181936] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3486.195295] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3486.305219] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:54 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfp\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:54 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6800}, 0x0)

18:27:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1148}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3486.365543] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3486.366297] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3486.384483] FAULT_INJECTION: forcing a failure.
[ 3486.384483] name failslab, interval 1, probability 0, space 0, times 0
18:27:54 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3486.428342] CPU: 0 PID: 10218 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3486.435628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3486.444974] Call Trace:
[ 3486.447558]  dump_stack+0x172/0x1f0
[ 3486.451170]  should_fail.cold+0xa/0x1b
[ 3486.455037]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3486.460117]  ? lock_downgrade+0x810/0x810
[ 3486.464246]  ? ___might_sleep+0x163/0x280
[ 3486.468381]  __should_failslab+0x121/0x190
[ 3486.472593]  should_failslab+0x9/0x14
[ 3486.476373]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3486.481018]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3486.486105]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3486.491013]  __list_lru_init+0x3d3/0x6e0
[ 3486.495057]  sget_userns+0x84d/0xd30
[ 3486.498748]  ? kill_litter_super+0x60/0x60
[ 3486.502963]  ? ns_test_super+0x50/0x50
[ 3486.506827]  ? ns_test_super+0x50/0x50
[ 3486.510693]  ? kill_litter_super+0x60/0x60
[ 3486.514903]  sget+0x10c/0x150
[ 3486.517992]  mount_bdev+0xff/0x3c0
[ 3486.521511]  ? finish_unfinished+0x1120/0x1120
[ 3486.526076]  get_super_block+0x35/0x40
[ 3486.529942]  mount_fs+0x106/0x3ff
[ 3486.533374]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3486.537849]  ? __init_waitqueue_head+0x36/0x90
[ 3486.542502]  vfs_kern_mount.part.0+0x6f/0x410
[ 3486.546997]  do_mount+0x581/0x2d30
[ 3486.550515]  ? finish_automount+0x461/0x490
[ 3486.554818]  ? copy_mount_string+0x40/0x40
[ 3486.559033]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3486.563943]  ? _copy_from_user+0xdd/0x150
[ 3486.568073]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3486.573589]  ? copy_mount_options+0x30e/0x440
[ 3486.578075]  ksys_mount+0xdb/0x150
[ 3486.581594]  __x64_sys_mount+0xbe/0x150
[ 3486.585552]  do_syscall_64+0x103/0x610
[ 3486.589418]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3486.594844] RIP: 0033:0x45a8aa
[ 3486.598019] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3486.616982] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
18:27:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x60)

[ 3486.624664] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3486.631911] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3486.639159] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3486.646404] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3486.653666] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3486.691603] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1188}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6c00}, 0x0)

[ 3486.734675] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3486.736807] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:55 executing program 1 (fault-call:0 fault-nth:83):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xf0)

[ 3486.831106] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3486.872740] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x13b8}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x300)

[ 3486.896124] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.041791] FAULT_INJECTION: forcing a failure.
[ 3487.041791] name failslab, interval 1, probability 0, space 0, times 0
[ 3487.078026] CPU: 1 PID: 10279 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
18:27:55 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserft\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x7400}, 0x0)

18:27:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x600)

[ 3487.085319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3487.094660] Call Trace:
[ 3487.097263]  dump_stack+0x172/0x1f0
[ 3487.100894]  should_fail.cold+0xa/0x1b
[ 3487.104785]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3487.109878]  ? lock_downgrade+0x810/0x810
[ 3487.114026]  ? ___might_sleep+0x163/0x280
[ 3487.118178]  __should_failslab+0x121/0x190
[ 3487.122411]  should_failslab+0x9/0x14
[ 3487.126205]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3487.130303] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3487.130877]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
18:27:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x7a00}, 0x0)

18:27:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3487.130913]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3487.146253]  __list_lru_init+0x3d3/0x6e0
[ 3487.150319]  sget_userns+0x84d/0xd30
[ 3487.154029]  ? kill_litter_super+0x60/0x60
[ 3487.158263]  ? ns_test_super+0x50/0x50
[ 3487.162148]  ? ns_test_super+0x50/0x50
[ 3487.162522] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.165505] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.166033]  ? kill_litter_super+0x60/0x60
[ 3487.186832]  sget+0x10c/0x150
[ 3487.189926]  mount_bdev+0xff/0x3c0
[ 3487.193457]  ? finish_unfinished+0x1120/0x1120
[ 3487.198024]  get_super_block+0x35/0x40
[ 3487.201884]  mount_fs+0x106/0x3ff
[ 3487.205325]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3487.209800]  ? __init_waitqueue_head+0x36/0x90
[ 3487.214373]  vfs_kern_mount.part.0+0x6f/0x410
[ 3487.218849]  do_mount+0x581/0x2d30
[ 3487.222363]  ? finish_automount+0x461/0x490
[ 3487.226662]  ? copy_mount_string+0x40/0x40
[ 3487.230869]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3487.235690]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3487.241205]  ? copy_mount_options+0x30e/0x440
[ 3487.245679]  ksys_mount+0xdb/0x150
[ 3487.249332]  __x64_sys_mount+0xbe/0x150
[ 3487.253283]  do_syscall_64+0x103/0x610
[ 3487.257150]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3487.262316] RIP: 0033:0x45a8aa
[ 3487.265486] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3487.284368] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
18:27:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1474}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3487.292057] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3487.299303] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3487.306635] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3487.313883] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3487.321132] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3487.398110] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3487.405893] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.406596] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:55 executing program 1 (fault-call:0 fault-nth:84):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:55 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x8100}, 0x0)

18:27:55 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:55 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xa00)

18:27:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1508}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3487.549137] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.556409] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.561238] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3487.617888] FAULT_INJECTION: forcing a failure.
[ 3487.617888] name failslab, interval 1, probability 0, space 0, times 0
[ 3487.657723] CPU: 1 PID: 10336 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3487.665010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3487.674356] Call Trace:
[ 3487.676954]  dump_stack+0x172/0x1f0
[ 3487.680584]  should_fail.cold+0xa/0x1b
[ 3487.684478]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3487.689576]  ? lock_downgrade+0x810/0x810
[ 3487.693720]  ? ___might_sleep+0x163/0x280
[ 3487.697950]  __should_failslab+0x121/0x190
[ 3487.702161]  should_failslab+0x9/0x14
[ 3487.705945]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3487.710590]  ? reacquire_held_locks+0xfb/0x520
[ 3487.715158]  ? sget_userns+0x208/0xd30
[ 3487.719043]  reiserfs_fill_super+0xfe/0x2eb0
[ 3487.723440]  ? finish_unfinished+0x1120/0x1120
[ 3487.727999]  ? up_write+0x1c/0x150
[ 3487.731516]  ? snprintf+0xbb/0xf0
[ 3487.734948]  ? vsprintf+0x40/0x40
[ 3487.738377]  ? wait_for_completion+0x440/0x440
[ 3487.742935]  ? ns_test_super+0x50/0x50
[ 3487.746796]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3487.751790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3487.757302]  mount_bdev+0x307/0x3c0
[ 3487.760902]  ? finish_unfinished+0x1120/0x1120
[ 3487.765462]  get_super_block+0x35/0x40
[ 3487.769327]  mount_fs+0x106/0x3ff
[ 3487.772757]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3487.777228]  ? __init_waitqueue_head+0x36/0x90
[ 3487.781787]  vfs_kern_mount.part.0+0x6f/0x410
[ 3487.786258]  do_mount+0x581/0x2d30
[ 3487.789787]  ? copy_mount_string+0x40/0x40
[ 3487.794016]  ? copy_mount_options+0x1de/0x440
[ 3487.798493]  ? __sanitizer_cov_trace_pc+0x3b/0x50
[ 3487.803317]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3487.808830]  ? copy_mount_options+0x30e/0x440
[ 3487.813300]  ksys_mount+0xdb/0x150
[ 3487.816819]  __x64_sys_mount+0xbe/0x150
[ 3487.820770]  do_syscall_64+0x103/0x610
[ 3487.824635]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3487.829801] RIP: 0033:0x45a8aa
[ 3487.832967] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3487.851843] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3487.859526] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
18:27:56 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfu\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf000}, 0x0)

18:27:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xc00)

18:27:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x168c}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3487.866770] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3487.874020] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3487.881266] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3487.888523] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xfe01}, 0x0)

[ 3487.933052] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3487.939775] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xe00)

[ 3487.971493] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3487.986288] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.069441] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:56 executing program 1 (fault-call:0 fault-nth:85):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x16d4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x34000}, 0x0)

[ 3488.143562] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xf00)

[ 3488.144092] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.186300] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3488.238875] FAULT_INJECTION: forcing a failure.
[ 3488.238875] name failslab, interval 1, probability 0, space 0, times 0
[ 3488.289034] CPU: 0 PID: 10388 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3488.296239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3488.305569] Call Trace:
[ 3488.308140]  dump_stack+0x172/0x1f0
[ 3488.311755]  should_fail.cold+0xa/0x1b
[ 3488.315627]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3488.320702]  ? lock_downgrade+0x810/0x810
[ 3488.324825]  ? ___might_sleep+0x163/0x280
[ 3488.328949]  __should_failslab+0x121/0x190
[ 3488.333160]  should_failslab+0x9/0x14
[ 3488.336936]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3488.341582]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3488.346664]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3488.351568]  __list_lru_init+0x3d3/0x6e0
[ 3488.355606]  sget_userns+0x84d/0xd30
[ 3488.359296]  ? kill_litter_super+0x60/0x60
[ 3488.363521]  ? ns_test_super+0x50/0x50
[ 3488.367389]  ? ns_test_super+0x50/0x50
[ 3488.371357]  ? kill_litter_super+0x60/0x60
[ 3488.375569]  sget+0x10c/0x150
[ 3488.378654]  mount_bdev+0xff/0x3c0
[ 3488.382173]  ? finish_unfinished+0x1120/0x1120
[ 3488.386740]  get_super_block+0x35/0x40
[ 3488.390604]  mount_fs+0x106/0x3ff
[ 3488.394032]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3488.398503]  ? __init_waitqueue_head+0x36/0x90
[ 3488.403063]  vfs_kern_mount.part.0+0x6f/0x410
[ 3488.407536]  do_mount+0x581/0x2d30
[ 3488.411054]  ? finish_automount+0x461/0x490
[ 3488.415354]  ? copy_mount_string+0x40/0x40
[ 3488.419575]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3488.424394]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3488.429909]  ? copy_mount_options+0x30e/0x440
[ 3488.434383]  ksys_mount+0xdb/0x150
[ 3488.437911]  __x64_sys_mount+0xbe/0x150
[ 3488.441871]  do_syscall_64+0x103/0x610
[ 3488.445736]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3488.451038] RIP: 0033:0x45a8aa
[ 3488.454207] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3488.473082] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3488.480767] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
18:27:56 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfx\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:56 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:56 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x400300}, 0x0)

18:27:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x198c}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:56 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x1b39)

[ 3488.488010] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3488.495254] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3488.502496] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3488.509738] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3488.554985] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.555673] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.561530] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf0ffff}, 0x0)

18:27:57 executing program 1 (fault-call:0 fault-nth:86):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x19c4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x391b)

18:27:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x1000000}, 0x0)

[ 3488.698371] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3488.704795] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.705477] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3488.806797] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3488.825729] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.827481] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3488.886454] FAULT_INJECTION: forcing a failure.
[ 3488.886454] name failslab, interval 1, probability 0, space 0, times 0
[ 3488.904585] CPU: 1 PID: 10447 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3488.911887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3488.921227] Call Trace:
[ 3488.921250]  dump_stack+0x172/0x1f0
[ 3488.921269]  should_fail.cold+0xa/0x1b
[ 3488.921287]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3488.921301]  ? lock_downgrade+0x810/0x810
[ 3488.921318]  ? ___might_sleep+0x163/0x280
[ 3488.944995]  __should_failslab+0x121/0x190
[ 3488.949228]  should_failslab+0x9/0x14
[ 3488.953044]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3488.957737]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3488.962842]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3488.967762]  __list_lru_init+0x3d3/0x6e0
[ 3488.971811]  sget_userns+0x84d/0xd30
[ 3488.975518]  ? kill_litter_super+0x60/0x60
[ 3488.979750]  ? ns_test_super+0x50/0x50
[ 3488.983632]  ? ns_test_super+0x50/0x50
[ 3488.987512]  ? kill_litter_super+0x60/0x60
[ 3488.991744]  sget+0x10c/0x150
[ 3488.994852]  mount_bdev+0xff/0x3c0
[ 3488.998386]  ? finish_unfinished+0x1120/0x1120
[ 3489.002955]  get_super_block+0x35/0x40
[ 3489.006837]  mount_fs+0x106/0x3ff
[ 3489.010292]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3489.014784]  ? __init_waitqueue_head+0x36/0x90
[ 3489.019371]  vfs_kern_mount.part.0+0x6f/0x410
[ 3489.023881]  do_mount+0x581/0x2d30
[ 3489.027414]  ? finish_automount+0x461/0x490
[ 3489.031713]  ? copy_mount_string+0x40/0x40
[ 3489.035933]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3489.040763]  ? _copy_from_user+0xdd/0x150
[ 3489.044904]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3489.050421]  ? copy_mount_options+0x30e/0x440
[ 3489.054905]  ksys_mount+0xdb/0x150
[ 3489.058431]  __x64_sys_mount+0xbe/0x150
[ 3489.062383]  do_syscall_64+0x103/0x610
[ 3489.066254]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3489.071417] RIP: 0033:0x45a8aa
[ 3489.074593] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3489.093481] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3489.101185] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3489.108432] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3489.115675] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3489.122921] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3489.130163] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:57 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfy\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x3f00)

18:27:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

18:27:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1a74}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\a\xff\xff', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3489.210522] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x5865)

18:27:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1a8c}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:57 executing program 1 (fault-call:0 fault-nth:87):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x3000000}, 0x0)

[ 3489.257162] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3489.262364] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:57 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:57 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x6000)

18:27:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1be0}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3489.358878] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3489.416547] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3489.417276] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3489.442929] FAULT_INJECTION: forcing a failure.
[ 3489.442929] name failslab, interval 1, probability 0, space 0, times 0
18:27:57 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfz\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:57 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

18:27:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x1c48}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3489.489915] CPU: 0 PID: 10491 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3489.497208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3489.506565] Call Trace:
[ 3489.509154]  dump_stack+0x172/0x1f0
[ 3489.512781]  should_fail.cold+0xa/0x1b
[ 3489.516666]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3489.521765]  ? lock_downgrade+0x810/0x810
[ 3489.525901]  ? ___might_sleep+0x163/0x280
[ 3489.530032]  __should_failslab+0x121/0x190
[ 3489.534240]  should_failslab+0x9/0x14
[ 3489.538020]  kmem_cache_alloc_node_trace+0x270/0x720
[ 3489.543096]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[ 3489.547911]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 3489.552991]  alloc_worker+0x47/0x1c0
[ 3489.556684]  init_rescuer.part.0+0x1f/0x190
[ 3489.560982]  __alloc_workqueue_key+0xb0e/0xe00
[ 3489.565539]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 3489.570832]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 3489.575824]  ? lockdep_init_map+0x10c/0x5b0
[ 3489.580137]  ? debug_mutex_init+0x2d/0x60
[ 3489.584287]  reiserfs_fill_super+0x377/0x2eb0
[ 3489.588761]  ? finish_unfinished+0x1120/0x1120
[ 3489.593320]  ? up_write+0x1c/0x150
[ 3489.596844]  ? snprintf+0xbb/0xf0
[ 3489.600280]  ? vsprintf+0x40/0x40
[ 3489.603707]  ? wait_for_completion+0x440/0x440
[ 3489.608266]  ? ns_test_super+0x50/0x50
[ 3489.612124]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3489.617113]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3489.622628]  mount_bdev+0x307/0x3c0
[ 3489.626243]  ? finish_unfinished+0x1120/0x1120
[ 3489.630804]  get_super_block+0x35/0x40
[ 3489.634667]  mount_fs+0x106/0x3ff
[ 3489.638094]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3489.642562]  ? __init_waitqueue_head+0x36/0x90
[ 3489.647119]  vfs_kern_mount.part.0+0x6f/0x410
[ 3489.651586]  do_mount+0x581/0x2d30
[ 3489.655103]  ? finish_automount+0x461/0x490
[ 3489.659399]  ? copy_mount_string+0x40/0x40
[ 3489.663607]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3489.668424]  ? _copy_from_user+0xdd/0x150
[ 3489.672548]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3489.678056]  ? copy_mount_options+0x30e/0x440
[ 3489.682528]  ksys_mount+0xdb/0x150
[ 3489.686042]  __x64_sys_mount+0xbe/0x150
[ 3489.689990]  do_syscall_64+0x103/0x610
[ 3489.693858]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3489.699019] RIP: 0033:0x45a8aa
[ 3489.702189] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3489.721060] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3489.728740] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
18:27:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x6558)

18:27:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3489.736001] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3489.743249] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3489.750492] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3489.757736] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3489.769156] REISERFS warning (device loop1):  reiserfs_fill_super: Cannot allocate commit workqueue
[ 3489.845702] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3489.865686] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3489.872784] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x5000000}, 0x0)

18:27:58 executing program 1 (fault-call:0 fault-nth:88):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x8100)

18:27:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2020}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:58 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xf000)

18:27:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2048}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3490.050805] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:58 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x02', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x6000000}, 0x0)

18:27:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3490.127540] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.128239] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.175953] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3490.182483] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3490.214338] FAULT_INJECTION: forcing a failure.
[ 3490.214338] name failslab, interval 1, probability 0, space 0, times 0
[ 3490.227177] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.238401] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.263845] CPU: 1 PID: 10550 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3490.279331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3490.288665] Call Trace:
[ 3490.291251]  dump_stack+0x172/0x1f0
[ 3490.294876]  should_fail.cold+0xa/0x1b
[ 3490.298887]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3490.303986]  ? lock_downgrade+0x810/0x810
[ 3490.308128]  ? ___might_sleep+0x163/0x280
[ 3490.312266]  __should_failslab+0x121/0x190
[ 3490.312281]  should_failslab+0x9/0x14
[ 3490.312294]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3490.320291]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3490.330013]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3490.330029]  __list_lru_init+0x3d3/0x6e0
18:27:58 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3490.338989]  sget_userns+0x84d/0xd30
[ 3490.342698]  ? kill_litter_super+0x60/0x60
[ 3490.346934]  ? ns_test_super+0x50/0x50
[ 3490.350826]  ? ns_test_super+0x50/0x50
[ 3490.354712]  ? kill_litter_super+0x60/0x60
[ 3490.358941]  sget+0x10c/0x150
[ 3490.362052]  mount_bdev+0xff/0x3c0
[ 3490.365614]  ? finish_unfinished+0x1120/0x1120
[ 3490.370193]  get_super_block+0x35/0x40
[ 3490.374078]  mount_fs+0x106/0x3ff
[ 3490.377519]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3490.381998]  ? __init_waitqueue_head+0x36/0x90
18:27:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2074}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3490.386581]  vfs_kern_mount.part.0+0x6f/0x410
[ 3490.391079]  do_mount+0x581/0x2d30
[ 3490.394612]  ? finish_automount+0x461/0x490
[ 3490.398933]  ? copy_mount_string+0x40/0x40
[ 3490.403174]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3490.408018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3490.413628]  ? copy_mount_options+0x30e/0x440
[ 3490.418121]  ksys_mount+0xdb/0x150
[ 3490.421654]  __x64_sys_mount+0xbe/0x150
[ 3490.425628]  do_syscall_64+0x103/0x610
[ 3490.429516]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3490.434694] RIP: 0033:0x45a8aa
18:27:58 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)

[ 3490.434713] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3490.434720] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3490.434732] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3490.434739] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3490.434747] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3490.434755] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3490.456813] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3490.473342] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3490.520850] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.522561] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:27:59 executing program 1 (fault-call:0 fault-nth:89):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x34000)

18:27:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x8000000}, 0x0)

18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2130}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:59 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x03', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3490.729701] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.731514] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.744933] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3490.772836] FAULT_INJECTION: forcing a failure.
18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x400300)

[ 3490.772836] name failslab, interval 1, probability 0, space 0, times 0
[ 3490.796009] bridge: RTM_NEWNEIGH with invalid state 0x0
18:27:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2188}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3490.812238] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.827329] CPU: 0 PID: 10621 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3490.837971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3490.847318] Call Trace:
[ 3490.849910]  dump_stack+0x172/0x1f0
[ 3490.853532]  should_fail.cold+0xa/0x1b
[ 3490.853548]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3490.853562]  ? lock_downgrade+0x810/0x810
[ 3490.853576]  ? ___might_sleep+0x163/0x280
[ 3490.853593]  __should_failslab+0x121/0x190
[ 3490.862547]  should_failslab+0x9/0x14
[ 3490.862560]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3490.862574]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[ 3490.878831]  __memcg_init_list_lru_node+0x8a/0x1e0
[ 3490.878845]  __list_lru_init+0x3d3/0x6e0
[ 3490.878862]  sget_userns+0x84d/0xd30
[ 3490.885517] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3490.901218]  ? kill_litter_super+0x60/0x60
[ 3490.913750]  ? ns_test_super+0x50/0x50
[ 3490.917631]  ? ns_test_super+0x50/0x50
[ 3490.921516]  ? kill_litter_super+0x60/0x60
[ 3490.925751]  sget+0x10c/0x150
[ 3490.928858]  mount_bdev+0xff/0x3c0
[ 3490.932403]  ? finish_unfinished+0x1120/0x1120
[ 3490.937108]  get_super_block+0x35/0x40
[ 3490.940989]  mount_fs+0x106/0x3ff
[ 3490.944439]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3490.948937]  ? __init_waitqueue_head+0x36/0x90
[ 3490.953517]  vfs_kern_mount.part.0+0x6f/0x410
[ 3490.958008]  do_mount+0x581/0x2d30
[ 3490.961544]  ? finish_automount+0x461/0x490
[ 3490.965859]  ? copy_mount_string+0x40/0x40
[ 3490.970076]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3490.974919]  ? _copy_from_user+0xdd/0x150
[ 3490.979060]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3490.984583]  ? copy_mount_options+0x30e/0x440
[ 3490.989076]  ksys_mount+0xdb/0x150
[ 3490.992618]  __x64_sys_mount+0xbe/0x150
[ 3490.992635]  do_syscall_64+0x103/0x610
[ 3490.992650]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3491.005629] RIP: 0033:0x45a8aa
[ 3491.008814] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3491.027706] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3491.035408] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3491.041151] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3491.042664] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3491.042673] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3491.042680] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xf0ffff)

18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x1000000)

18:27:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xa000000}, 0x0)

[ 3491.042687] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:59 executing program 1 (fault-call:0 fault-nth:90):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x2000000)

18:27:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2570}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3491.146568] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.147188] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.214820] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.216949] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.259042] FAULT_INJECTION: forcing a failure.
[ 3491.259042] name failslab, interval 1, probability 0, space 0, times 0
[ 3491.286928] CPU: 1 PID: 10669 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3491.294207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3491.303547] Call Trace:
[ 3491.303572]  dump_stack+0x172/0x1f0
[ 3491.303591]  should_fail.cold+0xa/0x1b
[ 3491.303607]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3491.318747]  ? lock_downgrade+0x810/0x810
[ 3491.322889]  ? ___might_sleep+0x163/0x280
[ 3491.327030]  __should_failslab+0x121/0x190
[ 3491.327046]  should_failslab+0x9/0x14
[ 3491.327058]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3491.327071]  ? reacquire_held_locks+0xfb/0x520
[ 3491.344275]  ? sget_userns+0x208/0xd30
[ 3491.348167]  reiserfs_fill_super+0xfe/0x2eb0
[ 3491.352583]  ? finish_unfinished+0x1120/0x1120
[ 3491.357168]  ? up_write+0x1c/0x150
[ 3491.360712]  ? snprintf+0xbb/0xf0
[ 3491.364169]  ? vsprintf+0x40/0x40
[ 3491.367631]  ? wait_for_completion+0x440/0x440
[ 3491.372206]  ? ns_test_super+0x50/0x50
[ 3491.376087]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3491.381192]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3491.386736]  mount_bdev+0x307/0x3c0
[ 3491.390342]  ? finish_unfinished+0x1120/0x1120
[ 3491.394904]  get_super_block+0x35/0x40
[ 3491.398767]  mount_fs+0x106/0x3ff
[ 3491.402346]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3491.406819]  ? __init_waitqueue_head+0x36/0x90
[ 3491.411378]  vfs_kern_mount.part.0+0x6f/0x410
[ 3491.415848]  do_mount+0x581/0x2d30
[ 3491.419367]  ? finish_automount+0x461/0x490
[ 3491.423663]  ? copy_mount_string+0x40/0x40
[ 3491.427875]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3491.432798]  ? _copy_from_user+0xdd/0x150
[ 3491.436920]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3491.442428]  ? copy_mount_options+0x30e/0x440
[ 3491.446898]  ksys_mount+0xdb/0x150
[ 3491.450416]  __x64_sys_mount+0xbe/0x150
[ 3491.454369]  do_syscall_64+0x103/0x610
[ 3491.458236]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3491.463403] RIP: 0033:0x45a8aa
[ 3491.466588] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3491.485572] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3491.493253] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3491.500602] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
18:27:59 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x04', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:27:59 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xc000000}, 0x0)

18:27:59 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x3000000)

18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:27:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x25e4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3491.507876] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3491.515124] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3491.522365] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:27:59 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3491.554815] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3491.568515] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:28:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x4000000)

18:28:00 executing program 1 (fault-call:0 fault-nth:91):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:28:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2618}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xc150000}, 0x0)

[ 3491.572885] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.671981] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.672689] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3491.729132] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3491.751756] FAULT_INJECTION: forcing a failure.
[ 3491.751756] name failslab, interval 1, probability 0, space 0, times 0
[ 3491.781848] CPU: 1 PID: 10713 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3491.789045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3491.798386] Call Trace:
[ 3491.800972]  dump_stack+0x172/0x1f0
[ 3491.804605]  should_fail.cold+0xa/0x1b
[ 3491.808493]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3491.813595]  ? lock_downgrade+0x810/0x810
[ 3491.817738]  ? ___might_sleep+0x163/0x280
[ 3491.821883]  __should_failslab+0x121/0x190
[ 3491.826118]  should_failslab+0x9/0x14
[ 3491.829916]  kmem_cache_alloc_trace+0x2d1/0x760
[ 3491.834591]  ? trace_hardirqs_on+0x67/0x230
[ 3491.839008]  ? kasan_check_read+0x11/0x20
[ 3491.839027]  __alloc_workqueue_key+0x79c/0xe00
18:28:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2684}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x6000000)

[ 3491.847721]  ? _raw_spin_unlock_irqrestore+0xa4/0xe0
[ 3491.847752]  ? workqueue_sysfs_register+0x3f0/0x3f0
[ 3491.847767]  ? lockdep_init_map+0x10c/0x5b0
[ 3491.847780]  ? debug_mutex_init+0x2d/0x60
[ 3491.847800]  reiserfs_fill_super+0x377/0x2eb0
[ 3491.847825]  ? finish_unfinished+0x1120/0x1120
[ 3491.847838]  ? up_write+0x1c/0x150
[ 3491.847855]  ? snprintf+0xbb/0xf0
[ 3491.866346]  ? vsprintf+0x40/0x40
[ 3491.875380]  ? wait_for_completion+0x440/0x440
[ 3491.875392]  ? ns_test_super+0x50/0x50
[ 3491.875404]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3491.875419]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3491.875435]  mount_bdev+0x307/0x3c0
[ 3491.875449]  ? finish_unfinished+0x1120/0x1120
[ 3491.875463]  get_super_block+0x35/0x40
[ 3491.875477]  mount_fs+0x106/0x3ff
[ 3491.875492]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3491.904806]  ? __init_waitqueue_head+0x36/0x90
[ 3491.904833]  vfs_kern_mount.part.0+0x6f/0x410
[ 3491.904850]  do_mount+0x581/0x2d30
[ 3491.904863]  ? finish_automount+0x461/0x490
[ 3491.904881]  ? copy_mount_string+0x40/0x40
[ 3491.913134]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3491.913151]  ? _copy_from_user+0xdd/0x150
[ 3491.913167]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3491.960458]  ? copy_mount_options+0x30e/0x440
[ 3491.964954]  ksys_mount+0xdb/0x150
[ 3491.968489]  __x64_sys_mount+0xbe/0x150
[ 3491.972464]  do_syscall_64+0x103/0x610
[ 3491.976346]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3491.981522] RIP: 0033:0x45a8aa
[ 3491.984707] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3492.003602] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3492.011303] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3492.018562] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3492.025835] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3492.033087] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3492.040331] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
18:28:00 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x05', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:28:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

18:28:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x26c4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0x8000000)

18:28:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xe000000}, 0x0)

[ 3492.049646] REISERFS warning (device loop1):  reiserfs_fill_super: Cannot allocate commit workqueue
18:28:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2bcc}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

[ 3492.105043] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3492.105823] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:28:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3492.152235] bridge: RTM_NEWNEIGH with invalid state 0x0
18:28:00 executing program 1 (fault-call:0 fault-nth:92):
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:28:00 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0xf000000}, 0x0)

18:28:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2bd4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:00 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xa000000)

[ 3492.244320] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3492.249296] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3492.278087] bridge: RTM_NEWNEIGH with invalid state 0x0
18:28:00 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3492.369666] FAULT_INJECTION: forcing a failure.
[ 3492.369666] name failslab, interval 1, probability 0, space 0, times 0
[ 3492.393629] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3492.394687] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3492.407920] CPU: 1 PID: 10775 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3492.423414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3492.432749] Call Trace:
[ 3492.435324]  dump_stack+0x172/0x1f0
[ 3492.438934]  should_fail.cold+0xa/0x1b
[ 3492.442799]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[ 3492.447879]  ? lock_downgrade+0x810/0x810
[ 3492.452009]  ? ___might_sleep+0x163/0x280
[ 3492.456134]  __should_failslab+0x121/0x190
[ 3492.460343]  should_failslab+0x9/0x14
[ 3492.464128]  __kmalloc_track_caller+0x2d8/0x740
[ 3492.468785]  ? lockdep_init_map+0x10c/0x5b0
[ 3492.473083]  ? reiserfs_fill_super+0xb2b/0x2eb0
[ 3492.477730]  kstrdup+0x3a/0x70
[ 3492.480900]  reiserfs_fill_super+0xb2b/0x2eb0
[ 3492.485384]  ? finish_unfinished+0x1120/0x1120
[ 3492.489947]  ? up_write+0x1c/0x150
[ 3492.493562]  ? snprintf+0xbb/0xf0
[ 3492.496991]  ? vsprintf+0x40/0x40
[ 3492.500437]  ? wait_for_completion+0x440/0x440
[ 3492.505115]  ? ns_test_super+0x50/0x50
[ 3492.509084]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3492.514078]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3492.519599]  mount_bdev+0x307/0x3c0
[ 3492.523206]  ? finish_unfinished+0x1120/0x1120
[ 3492.527774]  get_super_block+0x35/0x40
[ 3492.531648]  mount_fs+0x106/0x3ff
[ 3492.535078]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3492.539560]  ? __init_waitqueue_head+0x36/0x90
[ 3492.544141]  vfs_kern_mount.part.0+0x6f/0x410
[ 3492.548623]  do_mount+0x581/0x2d30
[ 3492.552139]  ? finish_automount+0x461/0x490
[ 3492.556438]  ? copy_mount_string+0x40/0x40
[ 3492.560649]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3492.565486]  ? _copy_from_user+0xdd/0x150
[ 3492.569621]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3492.575134]  ? copy_mount_options+0x30e/0x440
[ 3492.579611]  ksys_mount+0xdb/0x150
[ 3492.583131]  __x64_sys_mount+0xbe/0x150
[ 3492.587098]  do_syscall_64+0x103/0x610
[ 3492.590978]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3492.596144] RIP: 0033:0x45a8aa
[ 3492.599319] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3492.618198] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3492.625894] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3492.633146] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3492.640394] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3492.647646] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3492.654903] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3492.669072] REISERFS warning (device loop1):  reiserfs_fill_super: Cannot allocate memory for journal device name
[ 3492.693375] ------------[ cut here ]------------
[ 3492.698357] kernel BUG at fs/reiserfs/lock.c:44!
[ 3492.699392] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 3492.708726] CPU: 1 PID: 10775 Comm: syz-executor1 Not tainted 5.0.0-rc5+ #61
[ 3492.713569] kobject: 'loop0' (00000000977e6064): fill_kobj_path: path = '/devices/virtual/block/loop0'
[ 3492.715911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 3492.715930] RIP: 0010:reiserfs_write_unlock+0xeb/0x110
[ 3492.715943] Code: 5d c3 e8 48 1f 89 ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 04 23 1b 05 e8 2f 1f 89 ff 5b 41 5c 5d c3 e8 25 1f 89 ff <0f> 0b e8 7e 1a c0 ff eb a1 e8 97 1a c0 ff e9 33 ff ff ff e8 8d 1a
[ 3492.739216] kobject: 'loop2' (000000008df9ec1c): kobject_uevent_env
[ 3492.740404] RSP: 0018:ffff88805ff9fa10 EFLAGS: 00010246
[ 3492.740415] RAX: 0000000000040000 RBX: ffff8880a850adc0 RCX: ffffc90005df3000
[ 3492.740423] RDX: 0000000000040000 RSI: ffffffff81e6bbfb RDI: ffff8880a850ae68
[ 3492.740434] RBP: ffff88805ff9fa20 R08: 0000000000000065 R09: ffffed1015d23ef9
[ 3492.761444] kobject: 'loop2' (000000008df9ec1c): fill_kobj_path: path = '/devices/virtual/block/loop2'
[ 3492.765719] R10: ffffed1015d23ef8 R11: ffff8880ae91f7c7 R12: 00000000ffffffea
[ 3492.765727] R13: ffff88805c238b40 R14: ffff88805ff9fbc0 R15: ffff8880a850adc0
[ 3492.765737] FS:  00007f7c62556700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 3492.765750] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3492.765757] CR2: 0000000000625208 CR3: 00000000559d0000 CR4: 00000000001426e0
[ 3492.765767] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3492.845276] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 3492.852522] Call Trace:
[ 3492.855100]  reiserfs_fill_super+0x2b51/0x2eb0
[ 3492.859664]  ? finish_unfinished+0x1120/0x1120
[ 3492.864231]  ? up_write+0x1c/0x150
[ 3492.867757]  ? snprintf+0xbb/0xf0
[ 3492.871191]  ? vsprintf+0x40/0x40
[ 3492.874633]  ? wait_for_completion+0x440/0x440
[ 3492.879199]  ? ns_test_super+0x50/0x50
[ 3492.883068]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[ 3492.888065]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3492.893588]  mount_bdev+0x307/0x3c0
[ 3492.897204]  ? finish_unfinished+0x1120/0x1120
[ 3492.901768]  get_super_block+0x35/0x40
[ 3492.905629]  mount_fs+0x106/0x3ff
[ 3492.909060]  ? emergency_thaw_all+0x1a0/0x1a0
[ 3492.913540]  ? __init_waitqueue_head+0x36/0x90
[ 3492.918106]  vfs_kern_mount.part.0+0x6f/0x410
[ 3492.922579]  do_mount+0x581/0x2d30
[ 3492.926096]  ? finish_automount+0x461/0x490
[ 3492.930393]  ? copy_mount_string+0x40/0x40
[ 3492.934610]  ? kmem_cache_alloc_trace+0x354/0x760
[ 3492.939451]  ? _copy_from_user+0xdd/0x150
[ 3492.943664]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 3492.949173]  ? copy_mount_options+0x30e/0x440
[ 3492.953650]  ksys_mount+0xdb/0x150
[ 3492.957188]  __x64_sys_mount+0xbe/0x150
[ 3492.961245]  do_syscall_64+0x103/0x610
[ 3492.965124]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 3492.970294] RIP: 0033:0x45a8aa
[ 3492.973469] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 2d 8e fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 0a 8e fb ff c3 66 0f 1f 84 00 00 00 00 00
[ 3492.992461] RSP: 002b:00007f7c62555a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
[ 3493.000148] RAX: ffffffffffffffda RBX: 00007f7c62555b30 RCX: 000000000045a8aa
[ 3493.007401] RDX: 00007f7c62555ad0 RSI: 0000000020000040 RDI: 00007f7c62555af0
[ 3493.014745] RBP: 0000000020000040 R08: 00007f7c62555b30 R09: 00007f7c62555ad0
[ 3493.021999] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
[ 3493.029247] R13: 0000000000000000 R14: 00000000004dbc70 R15: 0000000000000003
[ 3493.036495] Modules linked in:
[ 3493.040946] ---[ end trace b55a2b82b5062736 ]---
[ 3493.045831] RIP: 0010:reiserfs_write_unlock+0xeb/0x110
[ 3493.051082] Code: 5d c3 e8 48 1f 89 ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 04 23 1b 05 e8 2f 1f 89 ff 5b 41 5c 5d c3 e8 25 1f 89 ff <0f> 0b e8 7e 1a c0 ff eb a1 e8 97 1a c0 ff e9 33 ff ff ff e8 8d 1a
[ 3493.070050] RSP: 0018:ffff88805ff9fa10 EFLAGS: 00010246
[ 3493.075423] RAX: 0000000000040000 RBX: ffff8880a850adc0 RCX: ffffc90005df3000
[ 3493.082675] RDX: 0000000000040000 RSI: ffffffff81e6bbfb RDI: ffff8880a850ae68
[ 3493.084611] kobject: 'loop3' (0000000071d8159b): kobject_uevent_env
[ 3493.090352] RBP: ffff88805ff9fa20 R08: 0000000000000065 R09: ffffed1015d23ef9
[ 3493.098422] kobject: 'loop3' (0000000071d8159b): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 3493.103667] R10: ffffed1015d23ef8 R11: ffff8880ae91f7c7 R12: 00000000ffffffea
18:28:01 executing program 3:
socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x06', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001640)=ANY=[@ANYBLOB='jdev=.'])

18:28:01 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0x3b, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x226}, 0x1, 0x0, 0x0, 0x10000000}, 0x0)

18:28:01 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xc000000)

18:28:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2bdc}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:01 executing program 5:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = dup(r0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000e40)=@broute={'broute\x00', 0x20, 0x3, 0x200, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000140], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x7, 0x0, 0x0, 'bond0\x00', 'nlmon0\x00', 'rose0\x00', 'rose0\x00', @empty, [], @broadcast, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe, 0x1, [{{{0x1f, 0x0, 0x0, 'bridge_slave_1\x00', 'ip_vti0\x00', 'vcan0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00', 'gre0\x00', @remote, [], @random="f9673fea01b3", [], 0x70, 0xa0, 0xd0}, [@common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}}]}]}, 0x278)

[ 3493.120348] R13: ffff88805c238b40 R14: ffff88805ff9fbc0 R15: ffff8880a850adc0
[ 3493.128395] FS:  00007f7c62556700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
[ 3493.136678] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3493.142550] CR2: 0000000000625208 CR3: 00000000559d0000 CR4: 00000000001426e0
[ 3493.161165] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
18:28:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
sendto(r0, &(0x7f0000000000)="120000001200e5ef00070017eeac443e3192", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xdf6, &(0x7f0000000380)=[{&(0x7f0000000040)=""/95, 0x157}, {&(0x7f00000000c0)=""/85, 0x630}, {&(0x7f0000000fc0)=""/4096, 0x2be4}, {&(0x7f0000000400)=""/120, 0x107c}, {&(0x7f0000000480)=""/60, 0x3c}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f0000000540)=""/154, 0x18a}, {&(0x7f0000000280)=""/22, 0x15}], 0x3a0, &(0x7f0000002400)=""/191, 0xbf}}], 0x400000000000228, 0x6, &(0x7f0000003700)={0x77359400})

18:28:01 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000)={0x10, 0xf000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x1c, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r3}}, 0x1c}}, 0xe000000)

[ 3493.162565] kernel msg: ebtables bug: please report to author: counter_offset != totalcnt
[ 3493.171592] bridge: RTM_NEWNEIGH with invalid state 0x0
[ 3493.176818] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3493.188338] kobject: 'loop3' (0000000071d8159b): kobject_uevent_env
[ 3493.208250] kobject: 'loop3' (0000000071d8159b): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 3493.223829] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 3493.224053] kobject: 'loop1' (00000000ad33aa5f): kobject_uevent_env
[ 3493.231241] Kernel panic - not syncing: Fatal exception
[ 3493.242457] kobject: 'loop1' (00000000ad33aa5f): fill_kobj_path: path = '/devices/virtual/block/loop1'
[ 3493.244280] Kernel Offset: disabled
[ 3493.257308] Rebooting in 86400 seconds..