)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  296.429704][T14923] FAULT_INJECTION: forcing a failure.
[  296.429704][T14923] name failslab, interval 1, probability 0, space 0, times 0
[  296.455855][T14923] CPU: 1 PID: 14923 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  296.463869][T14923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.473934][T14923] Call Trace:
[  296.477242][T14923]  dump_stack+0x172/0x1f0
[  296.481596][T14923]  should_fail.cold+0xa/0x15
[  296.481620][T14923]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  296.481648][T14923]  ? ___might_sleep+0x163/0x280
[  296.481669][T14923]  __should_failslab+0x121/0x190
[  296.481687][T14923]  should_failslab+0x9/0x14
[  296.481704][T14923]  kmem_cache_alloc+0x2b2/0x6f0
[  296.481730][T14923]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  296.492156][T14923]  ? __validate_process_creds+0x22d/0x380
[  296.492177][T14923]  prepare_creds+0x3e/0x3f0
[  296.492195][T14923]  copy_creds+0x7b/0x6c0
[  296.492216][T14923]  copy_process.part.0+0xb54/0x7980
[  296.492231][T14923]  ? get_pid_task+0xc9/0x190
[  296.492247][T14923]  ? find_held_lock+0x35/0x130
[  296.492260][T14923]  ? get_pid_task+0xc9/0x190
[  296.492276][T14923]  ? __f_unlock_pos+0x19/0x20
[  296.492291][T14923]  ? find_held_lock+0x35/0x130
[  296.492314][T14923]  ? __cleanup_sighand+0x60/0x60
[  296.565558][T14923]  ? lock_downgrade+0x880/0x880
[  296.570430][T14923]  ? kasan_check_write+0x14/0x20
03:37:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="221b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:42 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="221c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:42 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  296.575384][T14923]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  296.580954][T14923]  _do_fork+0x257/0xfd0
[  296.580985][T14923]  ? fork_idle+0x1d0/0x1d0
[  296.589571][T14923]  ? fput+0x1b/0x20
[  296.589588][T14923]  ? ksys_write+0x166/0x1f0
[  296.589611][T14923]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  296.603357][T14923]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  296.608838][T14923]  ? do_syscall_64+0x26/0x610
[  296.613535][T14923]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.619626][T14923]  ? do_syscall_64+0x26/0x610
[  296.624334][T14923]  __x64_sys_clone+0xbf/0x150
03:37:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="221d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:42 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x5, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  296.630296][T14923]  do_syscall_64+0x103/0x610
[  296.637073][T14923]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.642970][T14923] RIP: 0033:0x4582b9
[  296.646881][T14923] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  296.666497][T14923] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  296.674922][T14923] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  296.682902][T14923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  296.682911][T14923] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  296.682920][T14923] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  296.682928][T14923] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:45 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
tkill(r2, 0x1000000000016)

03:37:45 executing program 3:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[0x0])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="221e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:45 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x6, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:45 executing program 1 (fault-call:3 fault-nth:3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:45 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3f00, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="221f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  299.477085][T14963] FAULT_INJECTION: forcing a failure.
[  299.477085][T14963] name failslab, interval 1, probability 0, space 0, times 0
[  299.494161][T14963] CPU: 0 PID: 14963 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  299.502160][T14963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  299.502168][T14963] Call Trace:
[  299.502195][T14963]  dump_stack+0x172/0x1f0
[  299.502218][T14963]  should_fail.cold+0xa/0x15
[  299.502243][T14963]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  299.524505][T14963]  ? ___might_sleep+0x163/0x280
[  299.524526][T14963]  __should_failslab+0x121/0x190
[  299.524547][T14963]  should_failslab+0x9/0x14
[  299.544614][T14963]  __kmalloc+0x2dc/0x740
[  299.548875][T14963]  ? refcount_inc_not_zero_checked+0x144/0x200
[  299.555064][T14963]  ? refcount_dec_and_mutex_lock+0x90/0x90
[  299.560894][T14963]  ? security_prepare_creds+0x123/0x190
[  299.566456][T14963]  security_prepare_creds+0x123/0x190
[  299.571856][T14963]  prepare_creds+0x2f5/0x3f0
03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  299.576473][T14963]  copy_creds+0x7b/0x6c0
[  299.580737][T14963]  copy_process.part.0+0xb54/0x7980
[  299.585965][T14963]  ? get_pid_task+0xc9/0x190
[  299.590574][T14963]  ? find_held_lock+0x35/0x130
[  299.595349][T14963]  ? get_pid_task+0xc9/0x190
[  299.599971][T14963]  ? __f_unlock_pos+0x19/0x20
[  299.604661][T14963]  ? find_held_lock+0x35/0x130
[  299.609445][T14963]  ? __cleanup_sighand+0x60/0x60
[  299.614410][T14963]  ? lock_downgrade+0x880/0x880
[  299.619292][T14963]  ? kasan_check_write+0x14/0x20
[  299.624242][T14963]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  299.629813][T14963]  _do_fork+0x257/0xfd0
[  299.635216][T14963]  ? fork_idle+0x1d0/0x1d0
[  299.635231][T14963]  ? fput+0x1b/0x20
[  299.635247][T14963]  ? ksys_write+0x166/0x1f0
[  299.635273][T14963]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  299.648021][T14963]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  299.648038][T14963]  ? do_syscall_64+0x26/0x610
[  299.648060][T14963]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.669706][T14963]  ? do_syscall_64+0x26/0x610
03:37:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  299.674402][T14963]  __x64_sys_clone+0xbf/0x150
[  299.679116][T14963]  do_syscall_64+0x103/0x610
[  299.683727][T14963]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.689627][T14963] RIP: 0033:0x4582b9
[  299.693534][T14963] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  299.713150][T14963] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:37:45 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x8, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  299.713166][T14963] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  299.713173][T14963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  299.713202][T14963] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  299.713209][T14963] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  299.713217][T14963] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:48 executing program 1 (fault-call:3 fault-nth:4):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:48 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0xb, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:48 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:48 executing program 3:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:37:48 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x1000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:48 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x10, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  302.541888][T15005] FAULT_INJECTION: forcing a failure.
[  302.541888][T15005] name failslab, interval 1, probability 0, space 0, times 0
[  302.579509][T15005] CPU: 0 PID: 15005 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  302.587522][T15005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  302.587529][T15005] Call Trace:
[  302.587556][T15005]  dump_stack+0x172/0x1f0
[  302.587581][T15005]  should_fail.cold+0xa/0x15
[  302.587602][T15005]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  302.587628][T15005]  ? ___might_sleep+0x163/0x280
[  302.587652][T15005]  __should_failslab+0x121/0x190
[  302.620550][T15005]  should_failslab+0x9/0x14
[  302.620568][T15005]  kmem_cache_alloc+0x2b2/0x6f0
03:37:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  302.620586][T15005]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  302.620611][T15005]  __delayacct_tsk_init+0x20/0x80
[  302.620629][T15005]  copy_process.part.0+0x3535/0x7980
[  302.620648][T15005]  ? get_pid_task+0xc9/0x190
[  302.661619][T15005]  ? find_held_lock+0x35/0x130
[  302.666403][T15005]  ? get_pid_task+0xc9/0x190
[  302.671012][T15005]  ? __f_unlock_pos+0x19/0x20
[  302.675717][T15005]  ? find_held_lock+0x35/0x130
[  302.680505][T15005]  ? __cleanup_sighand+0x60/0x60
[  302.685456][T15005]  ? lock_downgrade+0x880/0x880
03:37:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  302.690368][T15005]  ? kasan_check_write+0x14/0x20
[  302.695318][T15005]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  302.700889][T15005]  _do_fork+0x257/0xfd0
[  302.705073][T15005]  ? fork_idle+0x1d0/0x1d0
[  302.709497][T15005]  ? fput+0x1b/0x20
[  302.713342][T15005]  ? ksys_write+0x166/0x1f0
[  302.717860][T15005]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.717885][T15005]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  302.717901][T15005]  ? do_syscall_64+0x26/0x610
[  302.717917][T15005]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.717932][T15005]  ? do_syscall_64+0x26/0x610
[  302.717951][T15005]  __x64_sys_clone+0xbf/0x150
[  302.717970][T15005]  do_syscall_64+0x103/0x610
[  302.717990][T15005]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  302.728980][T15005] RIP: 0033:0x4582b9
[  302.728996][T15005] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  302.729004][T15005] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:37:48 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x11, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:48 executing program 3:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

[  302.729019][T15005] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  302.729028][T15005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  302.729037][T15005] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  302.729046][T15005] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  302.729055][T15005] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:49 executing program 1 (fault-call:3 fault-nth:5):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:49 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x12, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  302.984058][T15039] FAULT_INJECTION: forcing a failure.
[  302.984058][T15039] name failslab, interval 1, probability 0, space 0, times 0
[  303.029611][T15039] CPU: 0 PID: 15039 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  303.037630][T15039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  303.047694][T15039] Call Trace:
[  303.051011][T15039]  dump_stack+0x172/0x1f0
[  303.055351][T15039]  should_fail.cold+0xa/0x15
[  303.059996][T15039]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  303.065914][T15039]  ? ___might_sleep+0x163/0x280
[  303.070750][T15039]  __should_failslab+0x121/0x190
[  303.075683][T15039]  should_failslab+0x9/0x14
[  303.080181][T15039]  __kmalloc+0x2dc/0x740
[  303.084412][T15039]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  303.090658][T15039]  ? audit_alloc+0xae/0x750
[  303.095150][T15039]  ? security_task_alloc+0x117/0x180
[  303.100440][T15039]  security_task_alloc+0x117/0x180
[  303.105539][T15039]  copy_process.part.0+0x1ddd/0x7980
[  303.110810][T15039]  ? get_pid_task+0xc9/0x190
[  303.115385][T15039]  ? find_held_lock+0x35/0x130
[  303.120131][T15039]  ? get_pid_task+0xc9/0x190
[  303.124713][T15039]  ? __f_unlock_pos+0x19/0x20
[  303.129396][T15039]  ? __cleanup_sighand+0x60/0x60
[  303.134320][T15039]  ? lock_downgrade+0x880/0x880
[  303.139158][T15039]  ? kasan_check_write+0x14/0x20
[  303.144079][T15039]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  303.149614][T15039]  _do_fork+0x257/0xfd0
[  303.153755][T15039]  ? fork_idle+0x1d0/0x1d0
[  303.158162][T15039]  ? fput+0x1b/0x20
[  303.161960][T15039]  ? ksys_write+0x166/0x1f0
[  303.166450][T15039]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.171915][T15039]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  303.177354][T15039]  ? do_syscall_64+0x26/0x610
[  303.182014][T15039]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.188064][T15039]  ? do_syscall_64+0x26/0x610
[  303.192736][T15039]  __x64_sys_clone+0xbf/0x150
[  303.197403][T15039]  do_syscall_64+0x103/0x610
[  303.202017][T15039]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  303.207894][T15039] RIP: 0033:0x4582b9
[  303.211784][T15039] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  303.231381][T15039] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  303.239791][T15039] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  303.247753][T15039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  303.255726][T15039] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  303.263684][T15039] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  303.271639][T15039] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:51 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:51 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x2000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:51 executing program 3:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:37:51 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x13, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:51 executing program 1 (fault-call:3 fault-nth:6):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  305.671818][T15053] FAULT_INJECTION: forcing a failure.
[  305.671818][T15053] name failslab, interval 1, probability 0, space 0, times 0
[  305.700722][T15053] CPU: 0 PID: 15053 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  305.708734][T15053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  305.718824][T15053] Call Trace:
03:37:51 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x14, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  305.722244][T15053]  dump_stack+0x172/0x1f0
[  305.726700][T15053]  should_fail.cold+0xa/0x15
[  305.731322][T15053]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  305.737161][T15053]  ? ___might_sleep+0x163/0x280
[  305.742933][T15053]  __should_failslab+0x121/0x190
[  305.748156][T15053]  should_failslab+0x9/0x14
[  305.752675][T15053]  kmem_cache_alloc+0x2b2/0x6f0
[  305.757536][T15053]  ? rcu_read_lock_sched_held+0x110/0x130
[  305.763273][T15053]  ? __kmalloc+0x5d5/0x740
[  305.767719][T15053]  dup_fd+0x85/0xb30
03:37:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  305.771637][T15053]  ? kasan_check_write+0x14/0x20
[  305.776673][T15053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  305.782931][T15053]  ? security_task_alloc+0xf3/0x180
[  305.788161][T15053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  305.794431][T15053]  copy_process.part.0+0x1e92/0x7980
[  305.799731][T15053]  ? get_pid_task+0xc9/0x190
[  305.804343][T15053]  ? find_held_lock+0x35/0x130
[  305.809130][T15053]  ? get_pid_task+0xc9/0x190
[  305.813743][T15053]  ? __f_unlock_pos+0x19/0x20
03:37:51 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x15, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  305.818443][T15053]  ? __cleanup_sighand+0x60/0x60
[  305.823411][T15053]  ? lock_downgrade+0x880/0x880
[  305.828282][T15053]  ? kasan_check_write+0x14/0x20
[  305.833226][T15053]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  305.833249][T15053]  _do_fork+0x257/0xfd0
[  305.833271][T15053]  ? fork_idle+0x1d0/0x1d0
[  305.833287][T15053]  ? fput+0x1b/0x20
[  305.833303][T15053]  ? ksys_write+0x166/0x1f0
[  305.833322][T15053]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  305.833338][T15053]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  305.833352][T15053]  ? do_syscall_64+0x26/0x610
[  305.833366][T15053]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  305.833379][T15053]  ? do_syscall_64+0x26/0x610
[  305.833398][T15053]  __x64_sys_clone+0xbf/0x150
[  305.833417][T15053]  do_syscall_64+0x103/0x610
[  305.833435][T15053]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  305.833453][T15053] RIP: 0033:0x4582b9
[  305.901516][T15053] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:37:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:52 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x16, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  305.921228][T15053] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  305.929649][T15053] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  305.937894][T15053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  305.945906][T15053] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  305.953891][T15053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  305.961887][T15053] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:54 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:54 executing program 1 (fault-call:3 fault-nth:7):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:54 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x17, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:54 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x18, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  308.735725][T15091] FAULT_INJECTION: forcing a failure.
[  308.735725][T15091] name failslab, interval 1, probability 0, space 0, times 0
03:37:54 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  308.807038][T15091] CPU: 0 PID: 15091 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  308.815063][T15091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  308.825308][T15091] Call Trace:
[  308.828640][T15091]  dump_stack+0x172/0x1f0
[  308.833026][T15091]  should_fail.cold+0xa/0x15
[  308.837640][T15091]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  308.843587][T15091]  ? ___might_sleep+0x163/0x280
[  308.848466][T15091]  __should_failslab+0x121/0x190
03:37:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="222f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  308.853592][T15091]  should_failslab+0x9/0x14
[  308.858109][T15091]  kmem_cache_alloc_trace+0x2d1/0x760
[  308.863499][T15091]  ? lock_downgrade+0x880/0x880
[  308.868403][T15091]  alloc_fdtable+0x86/0x290
[  308.872936][T15091]  dup_fd+0x743/0xb30
[  308.876948][T15091]  copy_process.part.0+0x1e92/0x7980
[  308.882336][T15091]  ? get_pid_task+0xc9/0x190
[  308.886968][T15091]  ? find_held_lock+0x35/0x130
[  308.891758][T15091]  ? get_pid_task+0xc9/0x190
[  308.896373][T15091]  ? __f_unlock_pos+0x19/0x20
[  308.901074][T15091]  ? __cleanup_sighand+0x60/0x60
03:37:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  308.906105][T15091]  ? lock_downgrade+0x880/0x880
[  308.910979][T15091]  ? kasan_check_write+0x14/0x20
[  308.915933][T15091]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  308.921505][T15091]  _do_fork+0x257/0xfd0
[  308.925709][T15091]  ? fork_idle+0x1d0/0x1d0
[  308.930140][T15091]  ? fput+0x1b/0x20
[  308.933961][T15091]  ? ksys_write+0x166/0x1f0
[  308.938580][T15091]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  308.944235][T15091]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  308.949703][T15091]  ? do_syscall_64+0x26/0x610
[  308.954394][T15091]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  308.960483][T15091]  ? do_syscall_64+0x26/0x610
[  308.965178][T15091]  __x64_sys_clone+0xbf/0x150
[  308.969881][T15091]  do_syscall_64+0x103/0x610
[  308.974502][T15091]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  308.980410][T15091] RIP: 0033:0x4582b9
[  308.984315][T15091] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  309.003965][T15091] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  309.003980][T15091] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  309.003989][T15091] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.003997][T15091] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  309.004006][T15091] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  309.004014][T15091] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:55 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:37:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:55 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x19, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:55 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x4000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:55 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:55 executing program 1 (fault-call:3 fault-nth:8):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:55 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x1a, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  309.643405][T15137] FAULT_INJECTION: forcing a failure.
[  309.643405][T15137] name failslab, interval 1, probability 0, space 0, times 0
[  309.671463][T15137] CPU: 1 PID: 15137 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  309.679596][T15137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  309.689660][T15137] Call Trace:
[  309.692977][T15137]  dump_stack+0x172/0x1f0
[  309.697329][T15137]  should_fail.cold+0xa/0x15
[  309.701953][T15137]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  309.707784][T15137]  ? ___might_sleep+0x163/0x280
[  309.712649][T15137]  __should_failslab+0x121/0x190
[  309.717598][T15137]  should_failslab+0x9/0x14
[  309.722123][T15137]  kmem_cache_alloc_node_trace+0x270/0x720
[  309.727949][T15137]  __kmalloc_node+0x3d/0x70
[  309.732558][T15137]  kvmalloc_node+0x68/0x100
[  309.737072][T15137]  alloc_fdtable+0xd6/0x290
03:37:55 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x1b, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  309.743119][T15137]  dup_fd+0x743/0xb30
[  309.747142][T15137]  copy_process.part.0+0x1e92/0x7980
[  309.752447][T15137]  ? get_pid_task+0xc9/0x190
[  309.757048][T15137]  ? find_held_lock+0x35/0x130
[  309.761830][T15137]  ? get_pid_task+0xc9/0x190
[  309.766433][T15137]  ? __f_unlock_pos+0x19/0x20
[  309.771161][T15137]  ? __cleanup_sighand+0x60/0x60
[  309.776112][T15137]  ? lock_downgrade+0x880/0x880
[  309.780981][T15137]  ? kasan_check_write+0x14/0x20
[  309.785939][T15137]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  309.791514][T15137]  _do_fork+0x257/0xfd0
[  309.791537][T15137]  ? fork_idle+0x1d0/0x1d0
[  309.791553][T15137]  ? fput+0x1b/0x20
[  309.791569][T15137]  ? ksys_write+0x166/0x1f0
[  309.791588][T15137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  309.791603][T15137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  309.791618][T15137]  ? do_syscall_64+0x26/0x610
[  309.791632][T15137]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  309.791645][T15137]  ? do_syscall_64+0x26/0x610
[  309.791663][T15137]  __x64_sys_clone+0xbf/0x150
[  309.791681][T15137]  do_syscall_64+0x103/0x610
[  309.791699][T15137]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  309.791711][T15137] RIP: 0033:0x4582b9
[  309.791726][T15137] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  309.791734][T15137] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  309.791755][T15137] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:37:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x1c, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x1d, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  309.800318][T15137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  309.800327][T15137] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  309.800336][T15137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  309.800345][T15137] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:56 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:37:56 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:56 executing program 1 (fault-call:3 fault-nth:9):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x1e, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:56 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x5000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x21, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  310.550241][T15179] FAULT_INJECTION: forcing a failure.
[  310.550241][T15179] name failslab, interval 1, probability 0, space 0, times 0
[  310.566922][T15179] CPU: 0 PID: 15179 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  310.575003][T15179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  310.575010][T15179] Call Trace:
[  310.575035][T15179]  dump_stack+0x172/0x1f0
[  310.575061][T15179]  should_fail.cold+0xa/0x15
[  310.575082][T15179]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  310.575104][T15179]  ? ___might_sleep+0x163/0x280
[  310.575125][T15179]  __should_failslab+0x121/0x190
[  310.575141][T15179]  should_failslab+0x9/0x14
[  310.575160][T15179]  kmem_cache_alloc_node_trace+0x270/0x720
[  310.575177][T15179]  ? kasan_unpoison_shadow+0x35/0x50
[  310.575196][T15179]  ? __kasan_kmalloc.constprop.0+0xcf/0xe0
[  310.575215][T15179]  __kmalloc_node+0x3d/0x70
[  310.575235][T15179]  kvmalloc_node+0x68/0x100
[  310.575252][T15179]  alloc_fdtable+0x142/0x290
[  310.575279][T15179]  dup_fd+0x743/0xb30
[  310.613073][T15179]  copy_process.part.0+0x1e92/0x7980
[  310.638032][T15179]  ? get_pid_task+0xc9/0x190
[  310.638048][T15179]  ? find_held_lock+0x35/0x130
[  310.638062][T15179]  ? get_pid_task+0xc9/0x190
[  310.638080][T15179]  ? __f_unlock_pos+0x19/0x20
[  310.638115][T15179]  ? __cleanup_sighand+0x60/0x60
[  310.680067][T15179]  ? lock_downgrade+0x880/0x880
[  310.680095][T15179]  ? kasan_check_write+0x14/0x20
[  310.680112][T15179]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  310.680134][T15179]  _do_fork+0x257/0xfd0
[  310.704587][T15179]  ? fork_idle+0x1d0/0x1d0
[  310.709017][T15179]  ? fput+0x1b/0x20
[  310.712863][T15179]  ? ksys_write+0x166/0x1f0
[  310.717390][T15179]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.722867][T15179]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  310.728353][T15179]  ? do_syscall_64+0x26/0x610
[  310.733081][T15179]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.739248][T15179]  ? do_syscall_64+0x26/0x610
[  310.743944][T15179]  __x64_sys_clone+0xbf/0x150
03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x22, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x23, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  310.748641][T15179]  do_syscall_64+0x103/0x610
[  310.753710][T15179]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  310.759623][T15179] RIP: 0033:0x4582b9
[  310.763641][T15179] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  310.783258][T15179] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  310.783273][T15179] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:37:56 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2a, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  310.783282][T15179] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.783290][T15179] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  310.783299][T15179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  310.783308][T15179] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:57 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:37:57 executing program 1 (fault-call:3 fault-nth:10):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:57 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:57 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x7000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:57 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2b, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  311.448158][T15226] FAULT_INJECTION: forcing a failure.
[  311.448158][T15226] name failslab, interval 1, probability 0, space 0, times 0
[  311.468358][T15226] CPU: 0 PID: 15226 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  311.476381][T15226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  311.476388][T15226] Call Trace:
[  311.476415][T15226]  dump_stack+0x172/0x1f0
03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  311.476438][T15226]  should_fail.cold+0xa/0x15
[  311.498677][T15226]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  311.498700][T15226]  ? ___might_sleep+0x163/0x280
[  311.498721][T15226]  __should_failslab+0x121/0x190
[  311.514599][T15226]  should_failslab+0x9/0x14
[  311.519230][T15226]  kmem_cache_alloc+0x2b2/0x6f0
[  311.524096][T15226]  ? dup_fd+0x5c1/0xb30
[  311.528272][T15226]  copy_fs_struct+0x43/0x2d0
[  311.532891][T15226]  copy_process.part.0+0x37a7/0x7980
[  311.538194][T15226]  ? get_pid_task+0xc9/0x190
[  311.542802][T15226]  ? find_held_lock+0x35/0x130
03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  311.547599][T15226]  ? get_pid_task+0xc9/0x190
[  311.552204][T15226]  ? __f_unlock_pos+0x19/0x20
[  311.556912][T15226]  ? __cleanup_sighand+0x60/0x60
[  311.561862][T15226]  ? lock_downgrade+0x880/0x880
[  311.566743][T15226]  ? kasan_check_write+0x14/0x20
[  311.566762][T15226]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  311.566785][T15226]  _do_fork+0x257/0xfd0
[  311.566826][T15226]  ? fork_idle+0x1d0/0x1d0
[  311.566842][T15226]  ? fput+0x1b/0x20
[  311.566867][T15226]  ? ksys_write+0x166/0x1f0
03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  311.577355][T15226]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  311.577372][T15226]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  311.577387][T15226]  ? do_syscall_64+0x26/0x610
[  311.577408][T15226]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  311.616076][T15226]  ? do_syscall_64+0x26/0x610
[  311.620792][T15226]  __x64_sys_clone+0xbf/0x150
[  311.625504][T15226]  do_syscall_64+0x103/0x610
[  311.630138][T15226]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  311.636885][T15226] RIP: 0033:0x4582b9
03:37:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  311.640792][T15226] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  311.660413][T15226] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  311.668920][T15226] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  311.676905][T15226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  311.684886][T15226] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:37:57 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2c, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  311.692872][T15226] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  311.700862][T15226] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:58 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2d, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:58 executing program 1 (fault-call:3 fault-nth:11):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:58 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:58 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x8000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  312.330193][T15255] FAULT_INJECTION: forcing a failure.
[  312.330193][T15255] name failslab, interval 1, probability 0, space 0, times 0
[  312.349384][T15255] CPU: 1 PID: 15255 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  312.357387][T15255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  312.367452][T15255] Call Trace:
[  312.370759][T15255]  dump_stack+0x172/0x1f0
[  312.375120][T15255]  should_fail.cold+0xa/0x15
[  312.379727][T15255]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  312.385554][T15255]  ? ___might_sleep+0x163/0x280
[  312.390430][T15255]  __should_failslab+0x121/0x190
[  312.395471][T15255]  should_failslab+0x9/0x14
[  312.399987][T15255]  kmem_cache_alloc+0x2b2/0x6f0
[  312.404847][T15255]  ? do_raw_spin_unlock+0x57/0x270
[  312.409971][T15255]  ? _raw_spin_unlock+0x2d/0x50
[  312.414832][T15255]  copy_process.part.0+0x1fff/0x7980
[  312.414852][T15255]  ? get_pid_task+0xc9/0x190
[  312.414867][T15255]  ? find_held_lock+0x35/0x130
03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2e, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  312.414880][T15255]  ? get_pid_task+0xc9/0x190
[  312.414897][T15255]  ? __f_unlock_pos+0x19/0x20
[  312.414923][T15255]  ? __cleanup_sighand+0x60/0x60
[  312.414938][T15255]  ? lock_downgrade+0x880/0x880
[  312.414964][T15255]  ? kasan_check_write+0x14/0x20
[  312.414986][T15255]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  312.429619][T15255]  _do_fork+0x257/0xfd0
[  312.429641][T15255]  ? fork_idle+0x1d0/0x1d0
[  312.429660][T15255]  ? fput+0x1b/0x20
[  312.471778][T15255]  ? ksys_write+0x166/0x1f0
03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x2f, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  312.476298][T15255]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.481764][T15255]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.487232][T15255]  ? do_syscall_64+0x26/0x610
[  312.491931][T15255]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.498001][T15255]  ? do_syscall_64+0x26/0x610
[  312.498024][T15255]  __x64_sys_clone+0xbf/0x150
[  312.498043][T15255]  do_syscall_64+0x103/0x610
[  312.498065][T15255]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.517869][T15255] RIP: 0033:0x4582b9
[  312.517885][T15255] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  312.517894][T15255] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  312.517909][T15255] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  312.517917][T15255] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.517934][T15255] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:37:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x31, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  312.573725][T15255] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  312.581697][T15255] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:58 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:58 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:58 executing program 1 (fault-call:3 fault-nth:12):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="223f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:58 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0xe000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x32, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  312.807589][T15295] FAULT_INJECTION: forcing a failure.
[  312.807589][T15295] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  312.820823][T15295] CPU: 0 PID: 15295 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  312.828820][T15295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  312.838885][T15295] Call Trace:
[  312.842196][T15295]  dump_stack+0x172/0x1f0
[  312.846550][T15295]  should_fail.cold+0xa/0x15
[  312.851163][T15295]  ? fault_create_debugfs_attr+0x1e0/0x1e0
03:37:58 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x33, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  312.856979][T15295]  ? percpu_ref_tryget_live+0xef/0x290
[  312.862469][T15295]  should_fail_alloc_page+0x50/0x60
[  312.867680][T15295]  __alloc_pages_nodemask+0x1a1/0x7e0
[  312.873071][T15295]  ? find_held_lock+0x35/0x130
[  312.877852][T15295]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  312.883633][T15295]  cache_grow_begin+0x9c/0x860
[  312.888426][T15295]  ? copy_process.part.0+0x1fff/0x7980
[  312.893900][T15295]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  312.900155][T15295]  kmem_cache_alloc+0x62d/0x6f0
03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x35, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  312.905020][T15295]  ? do_raw_spin_unlock+0x57/0x270
[  312.910147][T15295]  copy_process.part.0+0x1fff/0x7980
[  312.915450][T15295]  ? get_pid_task+0xc9/0x190
[  312.920051][T15295]  ? find_held_lock+0x35/0x130
[  312.924823][T15295]  ? get_pid_task+0xc9/0x190
[  312.929432][T15295]  ? __f_unlock_pos+0x19/0x20
[  312.934128][T15295]  ? __cleanup_sighand+0x60/0x60
[  312.934145][T15295]  ? lock_downgrade+0x880/0x880
[  312.934170][T15295]  ? kasan_check_write+0x14/0x20
[  312.934192][T15295]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  312.943957][T15295]  _do_fork+0x257/0xfd0
[  312.943979][T15295]  ? fork_idle+0x1d0/0x1d0
[  312.944005][T15295]  ? fput+0x1b/0x20
[  312.966820][T15295]  ? ksys_write+0x166/0x1f0
[  312.971339][T15295]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.971356][T15295]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  312.971372][T15295]  ? do_syscall_64+0x26/0x610
[  312.971387][T15295]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.971401][T15295]  ? do_syscall_64+0x26/0x610
[  312.971423][T15295]  __x64_sys_clone+0xbf/0x150
[  312.971441][T15295]  do_syscall_64+0x103/0x610
[  312.971460][T15295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  312.971478][T15295] RIP: 0033:0x4582b9
[  312.982384][T15295] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  312.982393][T15295] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  312.982407][T15295] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x36, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  312.982416][T15295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.982425][T15295] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  312.982434][T15295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  312.982455][T15295] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:59 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:59 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:59 executing program 1 (fault-call:3 fault-nth:13):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x37, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  313.294986][T15331] FAULT_INJECTION: forcing a failure.
[  313.294986][T15331] name failslab, interval 1, probability 0, space 0, times 0
[  313.337007][T15331] CPU: 1 PID: 15331 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  313.345017][T15331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  313.355091][T15331] Call Trace:
[  313.358397][T15331]  dump_stack+0x172/0x1f0
[  313.362874][T15331]  should_fail.cold+0xa/0x15
[  313.367470][T15331]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  313.373287][T15331]  ? ___might_sleep+0x163/0x280
[  313.378141][T15331]  __should_failslab+0x121/0x190
[  313.383091][T15331]  should_failslab+0x9/0x14
[  313.387600][T15331]  kmem_cache_alloc+0x2b2/0x6f0
[  313.392453][T15331]  ? debug_mutex_init+0x2d/0x60
[  313.397314][T15331]  copy_process.part.0+0x2afe/0x7980
[  313.402689][T15331]  ? get_pid_task+0xc9/0x190
[  313.407281][T15331]  ? find_held_lock+0x35/0x130
[  313.412101][T15331]  ? __cleanup_sighand+0x60/0x60
[  313.417046][T15331]  ? lock_downgrade+0x880/0x880
[  313.421999][T15331]  ? kasan_check_write+0x14/0x20
[  313.426950][T15331]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  313.432524][T15331]  _do_fork+0x257/0xfd0
[  313.436686][T15331]  ? fork_idle+0x1d0/0x1d0
[  313.441090][T15331]  ? fput+0x1b/0x20
[  313.444890][T15331]  ? ksys_write+0x166/0x1f0
[  313.449390][T15331]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  313.454851][T15331]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  313.460312][T15331]  ? do_syscall_64+0x26/0x610
[  313.464977][T15331]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  313.471117][T15331]  ? do_syscall_64+0x26/0x610
[  313.475993][T15331]  __x64_sys_clone+0xbf/0x150
[  313.483462][T15331]  do_syscall_64+0x103/0x610
[  313.488077][T15331]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  313.493996][T15331] RIP: 0033:0x4582b9
[  313.497895][T15331] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  313.517505][T15331] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  313.525907][T15331] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:37:59 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3f000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x38, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x39, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  313.533885][T15331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  313.541865][T15331] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  313.549841][T15331] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  313.557884][T15331] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:37:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:37:59 executing program 1 (fault-call:3 fault-nth:14):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:37:59 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:37:59 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:59 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3a, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:37:59 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x100000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:37:59 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

[  313.762635][T15361] FAULT_INJECTION: forcing a failure.
[  313.762635][T15361] name fail_page_alloc, interval 1, probability 0, space 0, times 0
03:37:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  313.824266][T15361] CPU: 1 PID: 15361 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  313.832383][T15361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  313.842449][T15361] Call Trace:
[  313.845769][T15361]  dump_stack+0x172/0x1f0
[  313.850136][T15361]  should_fail.cold+0xa/0x15
[  313.854747][T15361]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  313.860566][T15361]  ? ___might_sleep+0x163/0x280
[  313.865432][T15361]  should_fail_alloc_page+0x50/0x60
[  313.870639][T15361]  __alloc_pages_nodemask+0x1a1/0x7e0
[  313.876027][T15361]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  313.881769][T15361]  ? find_held_lock+0x35/0x130
[  313.886558][T15361]  ? percpu_ref_put_many+0x94/0x190
[  313.891771][T15361]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  313.898038][T15361]  alloc_pages_current+0x107/0x210
[  313.903163][T15361]  __get_free_pages+0xc/0x40
[  313.907768][T15361]  pgd_alloc+0x8b/0x3f0
[  313.911946][T15361]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  313.918205][T15361]  ? pgd_page_get_mm+0x40/0x40
03:38:00 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  313.922976][T15361]  ? lockdep_init_map+0x1be/0x6d0
[  313.928012][T15361]  ? lockdep_init_map+0x1be/0x6d0
[  313.933233][T15361]  mm_init+0x590/0x9b0
[  313.937318][T15361]  copy_process.part.0+0x2b65/0x7980
[  313.942625][T15361]  ? get_pid_task+0xc9/0x190
[  313.947233][T15361]  ? find_held_lock+0x35/0x130
[  313.952034][T15361]  ? __cleanup_sighand+0x60/0x60
[  313.956981][T15361]  ? lock_downgrade+0x880/0x880
[  313.961864][T15361]  ? kasan_check_write+0x14/0x20
[  313.966819][T15361]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  313.972402][T15361]  _do_fork+0x257/0xfd0
[  313.976575][T15361]  ? fork_idle+0x1d0/0x1d0
[  313.981005][T15361]  ? fput+0x1b/0x20
[  313.984847][T15361]  ? ksys_write+0x166/0x1f0
[  313.989363][T15361]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  313.994853][T15361]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.000327][T15361]  ? do_syscall_64+0x26/0x610
[  314.005011][T15361]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.011094][T15361]  ? do_syscall_64+0x26/0x610
[  314.015795][T15361]  __x64_sys_clone+0xbf/0x150
[  314.020497][T15361]  do_syscall_64+0x103/0x610
[  314.025102][T15361]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.031016][T15361] RIP: 0033:0x4582b9
[  314.034928][T15361] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  314.054653][T15361] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  314.063074][T15361] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:38:00 executing program 4:
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:00 executing program 1 (fault-call:3 fault-nth:15):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  314.071047][T15361] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  314.079030][T15361] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  314.087010][T15361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  314.094988][T15361] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:00 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3b, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  314.229760][T15392] FAULT_INJECTION: forcing a failure.
[  314.229760][T15392] name failslab, interval 1, probability 0, space 0, times 0
03:38:00 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3c, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  314.284516][T15392] CPU: 1 PID: 15392 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  314.292529][T15392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  314.302594][T15392] Call Trace:
[  314.305906][T15392]  dump_stack+0x172/0x1f0
[  314.310261][T15392]  should_fail.cold+0xa/0x15
[  314.314874][T15392]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  314.320697][T15392]  ? ___might_sleep+0x163/0x280
[  314.325610][T15392]  __should_failslab+0x121/0x190
[  314.330555][T15392]  should_failslab+0x9/0x14
[  314.335184][T15392]  kmem_cache_alloc+0x2b2/0x6f0
[  314.340046][T15392]  ? get_mm_exe_file+0x265/0x3d0
[  314.345000][T15392]  ? percpu_up_read.constprop.0+0x110/0x110
[  314.350903][T15392]  __khugepaged_enter+0x3b/0x390
[  314.355870][T15392]  copy_process.part.0+0x6fcd/0x7980
[  314.361169][T15392]  ? find_held_lock+0x35/0x130
[  314.365960][T15392]  ? __cleanup_sighand+0x60/0x60
[  314.370902][T15392]  ? lock_downgrade+0x880/0x880
[  314.375770][T15392]  ? kasan_check_write+0x14/0x20
[  314.380722][T15392]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  314.386292][T15392]  _do_fork+0x257/0xfd0
[  314.390462][T15392]  ? fork_idle+0x1d0/0x1d0
[  314.394886][T15392]  ? fput+0x1b/0x20
[  314.398701][T15392]  ? ksys_write+0x166/0x1f0
[  314.403224][T15392]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.408693][T15392]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.414187][T15392]  ? do_syscall_64+0x26/0x610
[  314.418872][T15392]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.424948][T15392]  ? do_syscall_64+0x26/0x610
[  314.429643][T15392]  __x64_sys_clone+0xbf/0x150
[  314.434331][T15392]  do_syscall_64+0x103/0x610
[  314.438947][T15392]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.444853][T15392] RIP: 0033:0x4582b9
[  314.448751][T15392] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  314.468382][T15392] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  314.476819][T15392] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  314.476829][T15392] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  314.476838][T15392] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  314.476847][T15392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  314.476857][T15392] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:00 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x200000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:00 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x3e, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:00 executing program 4:
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:00 executing program 1 (fault-call:3 fault-nth:16):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  314.774266][T15424] FAULT_INJECTION: forcing a failure.
[  314.774266][T15424] name failslab, interval 1, probability 0, space 0, times 0
[  314.794165][T15424] CPU: 0 PID: 15424 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  314.802162][T15424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  314.812231][T15424] Call Trace:
[  314.815541][T15424]  dump_stack+0x172/0x1f0
[  314.819909][T15424]  should_fail.cold+0xa/0x15
03:38:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  314.824524][T15424]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  314.830348][T15424]  ? ___might_sleep+0x163/0x280
[  314.835215][T15424]  __should_failslab+0x121/0x190
[  314.840164][T15424]  should_failslab+0x9/0x14
[  314.844682][T15424]  kmem_cache_alloc+0x2b2/0x6f0
[  314.849550][T15424]  ? kasan_check_read+0x11/0x20
[  314.854413][T15424]  ? do_raw_spin_unlock+0x57/0x270
[  314.854436][T15424]  vm_area_dup+0x21/0x170
[  314.854454][T15424]  copy_process.part.0+0x3431/0x7980
[  314.854481][T15424]  ? find_held_lock+0x35/0x130
[  314.854512][T15424]  ? __cleanup_sighand+0x60/0x60
[  314.878906][T15424]  ? lock_downgrade+0x880/0x880
[  314.878934][T15424]  ? kasan_check_write+0x14/0x20
[  314.878951][T15424]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  314.878974][T15424]  _do_fork+0x257/0xfd0
[  314.878996][T15424]  ? fork_idle+0x1d0/0x1d0
[  314.902864][T15424]  ? fput+0x1b/0x20
[  314.906689][T15424]  ? ksys_write+0x166/0x1f0
[  314.911202][T15424]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  314.916673][T15424]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  314.922140][T15424]  ? do_syscall_64+0x26/0x610
[  314.926835][T15424]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.933004][T15424]  ? do_syscall_64+0x26/0x610
[  314.937697][T15424]  __x64_sys_clone+0xbf/0x150
[  314.942400][T15424]  do_syscall_64+0x103/0x610
[  314.947005][T15424]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  314.952904][T15424] RIP: 0033:0x4582b9
03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x42, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  314.956835][T15424] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  314.976449][T15424] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  314.984874][T15424] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  314.992901][T15424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  315.000902][T15424] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  315.008894][T15424] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  315.016870][T15424] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:01 executing program 4:
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:01 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x300000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x43, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:01 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 1 (fault-call:3 fault-nth:17):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:01 executing program 4:
pipe(0x0)
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="224f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x46, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  315.366442][T15477] FAULT_INJECTION: forcing a failure.
[  315.366442][T15477] name failslab, interval 1, probability 0, space 0, times 0
[  315.401843][T15477] CPU: 1 PID: 15477 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  315.409866][T15477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  315.419925][T15477] Call Trace:
[  315.423226][T15477]  dump_stack+0x172/0x1f0
[  315.423251][T15477]  should_fail.cold+0xa/0x15
[  315.423284][T15477]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  315.438025][T15477]  ? ___might_sleep+0x163/0x280
[  315.442900][T15477]  __should_failslab+0x121/0x190
[  315.447874][T15477]  should_failslab+0x9/0x14
[  315.452400][T15477]  kmem_cache_alloc+0x2b2/0x6f0
[  315.457261][T15477]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  315.462992][T15477]  ? __vm_enough_memory+0x320/0x5a0
[  315.468207][T15477]  vm_area_dup+0x21/0x170
[  315.472547][T15477]  copy_process.part.0+0x3431/0x7980
[  315.477968][T15477]  ? __cleanup_sighand+0x60/0x60
[  315.482922][T15477]  ? lock_downgrade+0x880/0x880
[  315.487791][T15477]  ? kasan_check_write+0x14/0x20
[  315.487820][T15477]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  315.487843][T15477]  _do_fork+0x257/0xfd0
[  315.498343][T15477]  ? fork_idle+0x1d0/0x1d0
[  315.498359][T15477]  ? fput+0x1b/0x20
[  315.498388][T15477]  ? ksys_write+0x166/0x1f0
[  315.510743][T15477]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  315.510759][T15477]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  315.510774][T15477]  ? do_syscall_64+0x26/0x610
[  315.510798][T15477]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  315.520759][T15477]  ? do_syscall_64+0x26/0x610
[  315.520782][T15477]  __x64_sys_clone+0xbf/0x150
[  315.520803][T15477]  do_syscall_64+0x103/0x610
[  315.551115][T15477]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  315.557015][T15477] RIP: 0033:0x4582b9
03:38:01 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x400000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x48, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  315.560927][T15477] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  315.580623][T15477] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  315.589040][T15477] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  315.597047][T15477] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  315.605031][T15477] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 4:
pipe(0x0)
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

[  315.613043][T15477] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  315.621024][T15477] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x49, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:01 executing program 1 (fault-call:3 fault-nth:18):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:01 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4a, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:01 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x500000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:01 executing program 4:
pipe(0x0)
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

[  315.880449][T15522] FAULT_INJECTION: forcing a failure.
[  315.880449][T15522] name failslab, interval 1, probability 0, space 0, times 0
[  315.895014][T15522] CPU: 0 PID: 15522 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  315.903017][T15522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  315.913086][T15522] Call Trace:
[  315.916372][T15522]  dump_stack+0x172/0x1f0
[  315.920693][T15522]  should_fail.cold+0xa/0x15
[  315.925282][T15522]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  315.931100][T15522]  ? find_held_lock+0x35/0x130
[  315.935848][T15522]  ? percpu_ref_put_many+0x94/0x190
[  315.941032][T15522]  __should_failslab+0x121/0x190
[  315.945965][T15522]  should_failslab+0x9/0x14
[  315.950472][T15522]  kmem_cache_alloc+0x47/0x6f0
[  315.955226][T15522]  anon_vma_clone+0xde/0x480
[  315.959843][T15522]  anon_vma_fork+0x8f/0x4a0
[  315.964360][T15522]  ? dup_userfaultfd+0x15e/0x6d0
[  315.969313][T15522]  ? memcpy+0x46/0x50
[  315.973298][T15522]  copy_process.part.0+0x350f/0x7980
[  315.978591][T15522]  ? __cleanup_sighand+0x60/0x60
[  315.983552][T15522]  ? lock_downgrade+0x880/0x880
[  315.988409][T15522]  ? kasan_check_write+0x14/0x20
[  315.993353][T15522]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  315.999003][T15522]  _do_fork+0x257/0xfd0
[  316.003162][T15522]  ? fork_idle+0x1d0/0x1d0
[  316.007574][T15522]  ? fput+0x1b/0x20
[  316.011371][T15522]  ? ksys_write+0x166/0x1f0
[  316.015881][T15522]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.021322][T15522]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  316.026763][T15522]  ? do_syscall_64+0x26/0x610
[  316.031443][T15522]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.037510][T15522]  ? do_syscall_64+0x26/0x610
[  316.042188][T15522]  __x64_sys_clone+0xbf/0x150
[  316.046883][T15522]  do_syscall_64+0x103/0x610
[  316.051494][T15522]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  316.057386][T15522] RIP: 0033:0x4582b9
[  316.061263][T15522] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:02 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4b, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  316.080858][T15522] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  316.089256][T15522] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  316.097225][T15522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.105188][T15522] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  316.113153][T15522] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  316.121125][T15522] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:04 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:04 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x0, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:04 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x700000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:04 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4c, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:04 executing program 1 (fault-call:3 fault-nth:19):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  318.637480][T15552] FAULT_INJECTION: forcing a failure.
[  318.637480][T15552] name failslab, interval 1, probability 0, space 0, times 0
[  318.683525][T15552] CPU: 1 PID: 15552 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  318.691647][T15552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  318.701738][T15552] Call Trace:
[  318.705029][T15552]  dump_stack+0x172/0x1f0
[  318.709352][T15552]  should_fail.cold+0xa/0x15
[  318.713945][T15552]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  318.719758][T15552]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  318.726094][T15552]  ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220
[  318.733125][T15552]  __should_failslab+0x121/0x190
[  318.738267][T15552]  should_failslab+0x9/0x14
[  318.742766][T15552]  kmem_cache_alloc+0x47/0x6f0
[  318.747536][T15552]  ? anon_vma_chain_link+0x154/0x1c0
[  318.752810][T15552]  anon_vma_clone+0xde/0x480
[  318.757428][T15552]  anon_vma_fork+0x8f/0x4a0
[  318.761926][T15552]  ? dup_userfaultfd+0x15e/0x6d0
[  318.766942][T15552]  ? memcpy+0x46/0x50
[  318.770917][T15552]  copy_process.part.0+0x350f/0x7980
[  318.776200][T15552]  ? __cleanup_sighand+0x60/0x60
[  318.781147][T15552]  ? lock_downgrade+0x880/0x880
[  318.786012][T15552]  ? kasan_check_write+0x14/0x20
[  318.790955][T15552]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  318.796488][T15552]  _do_fork+0x257/0xfd0
[  318.800642][T15552]  ? fork_idle+0x1d0/0x1d0
[  318.805062][T15552]  ? fput+0x1b/0x20
[  318.808869][T15552]  ? ksys_write+0x166/0x1f0
[  318.813361][T15552]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  318.818836][T15552]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  318.824393][T15552]  ? do_syscall_64+0x26/0x610
[  318.829075][T15552]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  318.835124][T15552]  ? do_syscall_64+0x26/0x610
[  318.839787][T15552]  __x64_sys_clone+0xbf/0x150
[  318.844454][T15552]  do_syscall_64+0x103/0x610
[  318.849048][T15552]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  318.854935][T15552] RIP: 0033:0x4582b9
[  318.858818][T15552] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:05 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4d, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:05 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x0, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  318.878420][T15552] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  318.886862][T15552] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  318.894864][T15552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  318.903000][T15552] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  318.911484][T15552] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  318.919443][T15552] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:05 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x4e, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:05 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x800000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:07 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x0, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:07 executing program 1 (fault-call:3 fault-nth:20):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:07 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff030000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:07 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0xe00000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:07 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff8f0000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  321.703552][T15594] FAULT_INJECTION: forcing a failure.
[  321.703552][T15594] name failslab, interval 1, probability 0, space 0, times 0
03:38:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  321.748633][T15594] CPU: 1 PID: 15594 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  321.756660][T15594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  321.766723][T15594] Call Trace:
[  321.770029][T15594]  dump_stack+0x172/0x1f0
[  321.774380][T15594]  should_fail.cold+0xa/0x15
[  321.778989][T15594]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  321.784811][T15594]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  321.791080][T15594]  __should_failslab+0x121/0x190
[  321.796029][T15594]  should_failslab+0x9/0x14
[  321.800545][T15594]  kmem_cache_alloc+0x47/0x6f0
[  321.805321][T15594]  ? anon_vma_chain_link+0x154/0x1c0
[  321.810668][T15594]  anon_vma_clone+0xde/0x480
[  321.815276][T15594]  anon_vma_fork+0x8f/0x4a0
[  321.815292][T15594]  ? dup_userfaultfd+0x15e/0x6d0
[  321.815305][T15594]  ? memcpy+0x46/0x50
[  321.815327][T15594]  copy_process.part.0+0x350f/0x7980
[  321.815371][T15594]  ? __cleanup_sighand+0x60/0x60
[  321.815399][T15594]  ? lock_downgrade+0x880/0x880
[  321.839014][T15594]  ? kasan_check_write+0x14/0x20
[  321.839034][T15594]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  321.839057][T15594]  _do_fork+0x257/0xfd0
[  321.839081][T15594]  ? fork_idle+0x1d0/0x1d0
[  321.858560][T15594]  ? fput+0x1b/0x20
[  321.858579][T15594]  ? ksys_write+0x166/0x1f0
[  321.858600][T15594]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.858617][T15594]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  321.858632][T15594]  ? do_syscall_64+0x26/0x610
[  321.858653][T15594]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.882340][T15594]  ? do_syscall_64+0x26/0x610
[  321.882363][T15594]  __x64_sys_clone+0xbf/0x150
[  321.882391][T15594]  do_syscall_64+0x103/0x610
[  321.882411][T15594]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  321.882423][T15594] RIP: 0033:0x4582b9
[  321.882438][T15594] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  321.882446][T15594] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:38:08 executing program 1 (fault-call:3 fault-nth:21):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:08 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

[  321.882459][T15594] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  321.882468][T15594] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.882476][T15594] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  321.882484][T15594] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  321.882493][T15594] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
[  322.159182][T15626] FAULT_INJECTION: forcing a failure.
[  322.159182][T15626] name failslab, interval 1, probability 0, space 0, times 0
[  322.171993][T15626] CPU: 1 PID: 15626 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  322.179976][T15626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  322.190016][T15626] Call Trace:
[  322.193312][T15626]  dump_stack+0x172/0x1f0
[  322.197658][T15626]  should_fail.cold+0xa/0x15
[  322.202272][T15626]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  322.208081][T15626]  ? ___might_sleep+0x163/0x280
[  322.212928][T15626]  __should_failslab+0x121/0x190
[  322.217863][T15626]  should_failslab+0x9/0x14
[  322.222357][T15626]  kmem_cache_alloc+0x2b2/0x6f0
[  322.227200][T15626]  ? anon_vma_clone+0x320/0x480
[  322.232054][T15626]  anon_vma_fork+0xfc/0x4a0
[  322.236563][T15626]  ? dup_userfaultfd+0x15e/0x6d0
[  322.241504][T15626]  ? memcpy+0x46/0x50
[  322.245500][T15626]  copy_process.part.0+0x350f/0x7980
[  322.250784][T15626]  ? __cleanup_sighand+0x60/0x60
[  322.255718][T15626]  ? lock_downgrade+0x880/0x880
[  322.260607][T15626]  ? kasan_check_write+0x14/0x20
[  322.268414][T15626]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  322.273964][T15626]  _do_fork+0x257/0xfd0
[  322.278122][T15626]  ? fork_idle+0x1d0/0x1d0
[  322.282528][T15626]  ? fput+0x1b/0x20
[  322.286325][T15626]  ? ksys_write+0x166/0x1f0
[  322.290817][T15626]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  322.296268][T15626]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  322.301721][T15626]  ? do_syscall_64+0x26/0x610
[  322.306380][T15626]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  322.312449][T15626]  ? do_syscall_64+0x26/0x610
[  322.317140][T15626]  __x64_sys_clone+0xbf/0x150
[  322.321825][T15626]  do_syscall_64+0x103/0x610
[  322.326420][T15626]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  322.332300][T15626] RIP: 0033:0x4582b9
[  322.336202][T15626] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  322.355815][T15626] RSP: 002b:00007fe307633c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  322.364223][T15626] RAX: ffffffffffffffda RBX: 00007fe307633c90 RCX: 00000000004582b9
[  322.372193][T15626] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.380165][T15626] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  322.388120][T15626] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076346d4
[  322.396343][T15626] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000003
03:38:10 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:10 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff000300000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:10 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:10 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3f00000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:10 executing program 1 (fault-call:3 fault-nth:22):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:10 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  324.780312][T15639] FAULT_INJECTION: forcing a failure.
[  324.780312][T15639] name failslab, interval 1, probability 0, space 0, times 0
[  324.802314][T15639] CPU: 1 PID: 15639 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  324.810343][T15639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  324.820402][T15639] Call Trace:
[  324.820430][T15639]  dump_stack+0x172/0x1f0
[  324.820455][T15639]  should_fail.cold+0xa/0x15
[  324.820475][T15639]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  324.820499][T15639]  ? ___might_sleep+0x163/0x280
[  324.820523][T15639]  __should_failslab+0x121/0x190
[  324.848332][T15639]  should_failslab+0x9/0x14
[  324.852861][T15639]  kmem_cache_alloc+0x2b2/0x6f0
[  324.857725][T15639]  ? anon_vma_clone+0x320/0x480
[  324.862601][T15639]  anon_vma_fork+0xfc/0x4a0
[  324.867123][T15639]  ? dup_userfaultfd+0x15e/0x6d0
[  324.872082][T15639]  ? memcpy+0x46/0x50
[  324.876094][T15639]  copy_process.part.0+0x350f/0x7980
[  324.881452][T15639]  ? __cleanup_sighand+0x60/0x60
[  324.886417][T15639]  ? lock_downgrade+0x880/0x880
[  324.891296][T15639]  ? kasan_check_write+0x14/0x20
[  324.896241][T15639]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  324.901801][T15639]  _do_fork+0x257/0xfd0
[  324.905986][T15639]  ? fork_idle+0x1d0/0x1d0
[  324.910415][T15639]  ? fput+0x1b/0x20
[  324.914248][T15639]  ? ksys_write+0x166/0x1f0
[  324.914270][T15639]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  324.914286][T15639]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:38:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  324.914300][T15639]  ? do_syscall_64+0x26/0x610
[  324.914322][T15639]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  324.940452][T15639]  ? do_syscall_64+0x26/0x610
[  324.945141][T15639]  __x64_sys_clone+0xbf/0x150
[  324.949843][T15639]  do_syscall_64+0x103/0x610
[  324.954443][T15639]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  324.960341][T15639] RIP: 0033:0x4582b9
03:38:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  324.964244][T15639] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  324.983853][T15639] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  324.992275][T15639] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  325.000265][T15639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  325.008241][T15639] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  325.016213][T15639] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  325.024188][T15639] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:13 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:13 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0300000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:13 executing program 1 (fault-call:3 fault-nth:23):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:13 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:13 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x8000000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  327.769298][T15676] FAULT_INJECTION: forcing a failure.
[  327.769298][T15676] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  327.810593][T15676] CPU: 1 PID: 15676 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  327.818615][T15676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  327.828671][T15676] Call Trace:
[  327.831977][T15676]  dump_stack+0x172/0x1f0
[  327.836327][T15676]  should_fail.cold+0xa/0x15
[  327.840938][T15676]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  327.846868][T15676]  ? ___might_sleep+0x163/0x280
[  327.854080][T15676]  should_fail_alloc_page+0x50/0x60
03:38:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  327.859288][T15676]  __alloc_pages_nodemask+0x1a1/0x7e0
[  327.864665][T15676]  ? find_held_lock+0x35/0x130
[  327.869444][T15676]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  327.875170][T15676]  ? find_held_lock+0x35/0x130
[  327.879960][T15676]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  327.886216][T15676]  alloc_pages_current+0x107/0x210
[  327.891339][T15676]  ? kvm_mmu_notifier_invalidate_range_start+0x1d2/0x280
[  327.898373][T15676]  get_zeroed_page+0x14/0x50
[  327.903056][T15676]  __pud_alloc+0x3b/0x250
03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  327.907393][T15676]  pud_alloc+0xde/0x150
[  327.911562][T15676]  copy_page_range+0x375/0x1f90
[  327.916435][T15676]  ? copy_process.part.0+0x3121/0x7980
[  327.921930][T15676]  ? copy_process.part.0+0x3121/0x7980
[  327.927405][T15676]  ? pmd_alloc+0x180/0x180
[  327.931843][T15676]  ? vma_compute_subtree_gap+0x158/0x230
[  327.931860][T15676]  ? validate_mm_rb+0xa3/0xc0
[  327.931876][T15676]  ? __vma_link_rb+0x279/0x370
[  327.931897][T15676]  copy_process.part.0+0x568b/0x7980
[  327.931947][T15676]  ? __cleanup_sighand+0x60/0x60
03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  327.957247][T15676]  ? lock_downgrade+0x880/0x880
[  327.962123][T15676]  ? kasan_check_write+0x14/0x20
[  327.967070][T15676]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  327.972633][T15676]  _do_fork+0x257/0xfd0
[  327.976805][T15676]  ? fork_idle+0x1d0/0x1d0
[  327.981237][T15676]  ? fput+0x1b/0x20
[  327.985066][T15676]  ? ksys_write+0x166/0x1f0
[  327.989586][T15676]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  327.995054][T15676]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.000527][T15676]  ? do_syscall_64+0x26/0x610
[  328.005214][T15676]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  328.011298][T15676]  ? do_syscall_64+0x26/0x610
[  328.016269][T15676]  __x64_sys_clone+0xbf/0x150
[  328.020995][T15676]  do_syscall_64+0x103/0x610
[  328.025623][T15676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.031642][T15676] RIP: 0033:0x4582b9
[  328.035556][T15676] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  328.055732][T15676] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.055748][T15676] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  328.055755][T15676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  328.055763][T15676] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  328.055770][T15676] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  328.055778][T15676] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:14 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:14 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b8f00000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:14 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(0x0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:14 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:14 executing program 1 (fault-call:3 fault-nth:24):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:14 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0003000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  328.664095][T15709] FAULT_INJECTION: forcing a failure.
[  328.664095][T15709] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  328.705962][T15709] CPU: 0 PID: 15709 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  328.713962][T15709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  328.724028][T15709] Call Trace:
[  328.727343][T15709]  dump_stack+0x172/0x1f0
[  328.731697][T15709]  should_fail.cold+0xa/0x15
[  328.736342][T15709]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  328.742164][T15709]  ? ___might_sleep+0x163/0x280
[  328.747038][T15709]  should_fail_alloc_page+0x50/0x60
[  328.752246][T15709]  __alloc_pages_nodemask+0x1a1/0x7e0
[  328.757627][T15709]  ? __pud_alloc+0x1d3/0x250
[  328.762231][T15709]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  328.767961][T15709]  ? __pud_alloc+0x1d3/0x250
[  328.772580][T15709]  ? lock_downgrade+0x880/0x880
[  328.777459][T15709]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  328.783712][T15709]  alloc_pages_current+0x107/0x210
[  328.788848][T15709]  ? do_raw_spin_unlock+0x57/0x270
[  328.793982][T15709]  __pmd_alloc+0x41/0x460
[  328.798316][T15709]  ? pmd_val+0x100/0x100
[  328.802578][T15709]  pmd_alloc+0x10c/0x180
[  328.806854][T15709]  copy_page_range+0x62e/0x1f90
[  328.811734][T15709]  ? copy_process.part.0+0x3121/0x7980
[  328.817214][T15709]  ? copy_process.part.0+0x3121/0x7980
[  328.822778][T15709]  ? pmd_alloc+0x180/0x180
[  328.827212][T15709]  ? vma_compute_subtree_gap+0x158/0x230
[  328.832870][T15709]  ? validate_mm_rb+0xa3/0xc0
[  328.837656][T15709]  ? __vma_link_rb+0x279/0x370
[  328.842438][T15709]  copy_process.part.0+0x568b/0x7980
[  328.848275][T15709]  ? __cleanup_sighand+0x60/0x60
[  328.853323][T15709]  ? lock_downgrade+0x880/0x880
[  328.858223][T15709]  ? kasan_check_write+0x14/0x20
[  328.863177][T15709]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  328.868742][T15709]  _do_fork+0x257/0xfd0
[  328.872912][T15709]  ? fork_idle+0x1d0/0x1d0
[  328.877776][T15709]  ? fput+0x1b/0x20
[  328.881602][T15709]  ? ksys_write+0x166/0x1f0
[  328.886118][T15709]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.891590][T15709]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  328.897086][T15709]  ? do_syscall_64+0x26/0x610
[  328.901786][T15709]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.907876][T15709]  ? do_syscall_64+0x26/0x610
[  328.912579][T15709]  __x64_sys_clone+0xbf/0x150
[  328.917271][T15709]  do_syscall_64+0x103/0x610
[  328.922101][T15709]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  328.928019][T15709] RIP: 0033:0x4582b9
[  328.931915][T15709] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:14 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x3)

03:38:14 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x8f)

03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  328.931924][T15709] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.931938][T15709] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  328.931946][T15709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  328.931954][T15709] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  328.931963][T15709] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  328.931979][T15709] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:17 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:38:17 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x300)

03:38:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:17 executing program 1 (fault-call:3 fault-nth:25):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:17 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:17 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:17 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x8000, 0x40080)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00')
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="b1b51cbc18c5fc86c7114e182d553c68defb88c9e674ef2db6b905d8dcebf46c81d4dfdf64", @ANYRES16=r2, @ANYBLOB="00022bbd7000fddbdf2504000000080005000200000034000300140002006261746164763000000000000000000014000600ff0100000000000000000000000000010800010003000000080006000500000008000500040000004c00010014000300fe8000000000000000000000000000aa080005000200000008000b0073697000080004004e22000014000300759dbc23b207d9363c1e8d7956441c1408000500000000000800050005000000"], 0xb4}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r3 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x100, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f0000000040)=0x9, 0x4)

[  331.707753][T15749] FAULT_INJECTION: forcing a failure.
[  331.707753][T15749] name failslab, interval 1, probability 0, space 0, times 0
[  331.751693][T15749] CPU: 1 PID: 15749 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  331.759704][T15749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  331.769764][T15749] Call Trace:
[  331.773070][T15749]  dump_stack+0x172/0x1f0
[  331.777406][T15749]  should_fail.cold+0xa/0x15
[  331.782087][T15749]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  331.787895][T15749]  ? ___might_sleep+0x163/0x280
[  331.792804][T15749]  __should_failslab+0x121/0x190
[  331.797735][T15749]  should_failslab+0x9/0x14
[  331.802222][T15749]  kmem_cache_alloc+0x2b2/0x6f0
[  331.807072][T15749]  ? alloc_pages_current+0x10f/0x210
[  331.812359][T15749]  ? do_raw_spin_unlock+0x57/0x270
[  331.817456][T15749]  __pmd_alloc+0xc9/0x460
[  331.821776][T15749]  ? pmd_val+0x100/0x100
[  331.826120][T15749]  pmd_alloc+0x10c/0x180
[  331.830351][T15749]  copy_page_range+0x62e/0x1f90
[  331.835192][T15749]  ? copy_process.part.0+0x3121/0x7980
[  331.840640][T15749]  ? copy_process.part.0+0x3121/0x7980
[  331.846085][T15749]  ? pmd_alloc+0x180/0x180
[  331.850484][T15749]  ? vma_compute_subtree_gap+0x158/0x230
[  331.856100][T15749]  ? validate_mm_rb+0xa3/0xc0
[  331.860758][T15749]  ? __vma_link_rb+0x279/0x370
[  331.865515][T15749]  copy_process.part.0+0x568b/0x7980
[  331.870816][T15749]  ? __cleanup_sighand+0x60/0x60
[  331.875756][T15749]  ? lock_downgrade+0x880/0x880
[  331.880637][T15749]  ? kasan_check_write+0x14/0x20
[  331.885565][T15749]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  331.892032][T15749]  _do_fork+0x257/0xfd0
[  331.896191][T15749]  ? fork_idle+0x1d0/0x1d0
[  331.900611][T15749]  ? fput+0x1b/0x20
[  331.904424][T15749]  ? ksys_write+0x166/0x1f0
[  331.908916][T15749]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  331.914359][T15749]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  331.919814][T15749]  ? do_syscall_64+0x26/0x610
[  331.924506][T15749]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  331.930572][T15749]  ? do_syscall_64+0x26/0x610
[  331.935263][T15749]  __x64_sys_clone+0xbf/0x150
[  331.939932][T15749]  do_syscall_64+0x103/0x610
[  331.944520][T15749]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  331.950426][T15749] RIP: 0033:0x4582b9
[  331.954342][T15749] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  331.974056][T15749] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  331.982485][T15749] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  331.990526][T15749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:38:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:18 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x3, 0x10002)
write$UHID_SET_REPORT_REPLY(r1, &(0x7f0000000100)={0xe, 0x2, 0x20c0, 0x4}, 0xc)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x5, {{0xa, 0xfffffffffffffffd, 0x900000000004, @empty, 0x2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  331.998485][T15749] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  332.006440][T15749] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  332.014426][T15749] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:18 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:18 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:20 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, 0x0)
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:20 executing program 1 (fault-call:3 fault-nth:26):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:20 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x4, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:20 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:38:20 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = syz_open_dev$vbi(&(0x7f0000000240)='/dev/vbi#\x00', 0x3, 0x2)
ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000280)={0x400, 0x9})
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80001, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000080)={0x95, 0x38, 0x80000001, 0x0, 0x0, [], [], [], 0x0, 0x3ff})
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f00000001c0)=0x2c, 0x4)
ioctl$DRM_IOCTL_CONTROL(r2, 0x40086414, &(0x7f0000000040)={0x3, 0xc2dd})
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000200)=0x200)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b01000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000539b690e886449543c731db42a16f7fa13e8f4b6eb609b48f1afdc1c0a669ef2f7325a2c68059fad6d1e00"/186], 0x1)

[  334.720241][T15799] FAULT_INJECTION: forcing a failure.
[  334.720241][T15799] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  334.737140][T15799] CPU: 0 PID: 15799 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  334.745143][T15799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  334.755208][T15799] Call Trace:
[  334.758515][T15799]  dump_stack+0x172/0x1f0
[  334.762871][T15799]  should_fail.cold+0xa/0x15
03:38:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:20 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000040))
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000a00000000000001ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000e3000000000000f7ff0000000000000000000000000000000000000000000000000000000000000000f8ffffff000000000000000000000000000100000000ef0120000000000000000000000ae62fd2b0ad81a3f45d9e8d61ed1acea433be82247197b158b6748109386c9641d929e55e86e2b92993471c0afb673e9d6c973a"], 0x1)

[  334.767507][T15799]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  334.773320][T15799]  ? ___might_sleep+0x163/0x280
[  334.778195][T15799]  should_fail_alloc_page+0x50/0x60
[  334.783410][T15799]  __alloc_pages_nodemask+0x1a1/0x7e0
[  334.788795][T15799]  ? find_held_lock+0x35/0x130
[  334.793600][T15799]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  334.799335][T15799]  ? kasan_check_write+0x14/0x20
[  334.804285][T15799]  ? lock_downgrade+0x880/0x880
[  334.809154][T15799]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  334.815426][T15799]  alloc_pages_current+0x107/0x210
03:38:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  334.820552][T15799]  pte_alloc_one+0x1b/0x1a0
[  334.825065][T15799]  __pte_alloc+0x20/0x310
[  334.829411][T15799]  copy_page_range+0x1529/0x1f90
[  334.834368][T15799]  ? copy_process.part.0+0x3121/0x7980
[  334.834395][T15799]  ? pmd_alloc+0x180/0x180
[  334.834408][T15799]  ? vma_compute_subtree_gap+0x158/0x230
[  334.834423][T15799]  ? validate_mm_rb+0xa3/0xc0
[  334.834444][T15799]  ? __vma_link_rb+0x279/0x370
[  334.850039][T15799]  copy_process.part.0+0x568b/0x7980
[  334.864774][T15799]  ? __cleanup_sighand+0x60/0x60
[  334.869723][T15799]  ? lock_downgrade+0x880/0x880
[  334.869751][T15799]  ? kasan_check_write+0x14/0x20
[  334.869768][T15799]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  334.869791][T15799]  _do_fork+0x257/0xfd0
[  334.869834][T15799]  ? fork_idle+0x1d0/0x1d0
[  334.885154][T15799]  ? fput+0x1b/0x20
[  334.885172][T15799]  ? ksys_write+0x166/0x1f0
[  334.885194][T15799]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  334.885210][T15799]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  334.885232][T15799]  ? do_syscall_64+0x26/0x610
03:38:21 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
fgetxattr(r0, &(0x7f0000000000)=@random={'security.', 'wlan1:loGPL%selinux,GPL\x00'}, &(0x7f0000000040)=""/58, 0x3a)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  334.917700][T15799]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  334.923783][T15799]  ? do_syscall_64+0x26/0x610
[  334.928495][T15799]  __x64_sys_clone+0xbf/0x150
[  334.933190][T15799]  do_syscall_64+0x103/0x610
[  334.937801][T15799]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  334.943713][T15799] RIP: 0033:0x4582b9
[  334.943730][T15799] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  334.943738][T15799] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  334.943752][T15799] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  334.943760][T15799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  334.943769][T15799] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  334.943777][T15799] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  334.943793][T15799] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:21 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000001700))
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:21 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x6, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000000440)={@remote, @rand_addr, <r2=>0x0}, &(0x7f0000000480)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f0000000540)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x24000000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=@deltfilter={0x2c, 0x2d, 0x904, 0x70bd2a, 0x25dfdbfd, {0x0, r2, {0xffff, 0xb}, {0xa, 0xc}, {0x6}}, [@TCA_RATE={0x8, 0x5, {0x2, 0x8000}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000001)

03:38:21 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:38:21 executing program 1 (fault-call:3 fault-nth:27):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:21 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x5, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  335.171586][T15837] FAULT_INJECTION: forcing a failure.
[  335.171586][T15837] name failslab, interval 1, probability 0, space 0, times 0
[  335.233909][T15837] CPU: 0 PID: 15837 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  335.241931][T15837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  335.251994][T15837] Call Trace:
[  335.255308][T15837]  dump_stack+0x172/0x1f0
[  335.259675][T15837]  should_fail.cold+0xa/0x15
[  335.264290][T15837]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  335.270117][T15837]  ? ___might_sleep+0x163/0x280
[  335.274990][T15837]  __should_failslab+0x121/0x190
[  335.279941][T15837]  should_failslab+0x9/0x14
[  335.284457][T15837]  kmem_cache_alloc+0x2b2/0x6f0
[  335.289765][T15837]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  335.296022][T15837]  ptlock_alloc+0x20/0x70
[  335.300457][T15837]  pte_alloc_one+0x6d/0x1a0
[  335.304986][T15837]  __pte_alloc+0x20/0x310
[  335.309329][T15837]  copy_page_range+0x1529/0x1f90
[  335.314302][T15837]  ? copy_process.part.0+0x3121/0x7980
[  335.319797][T15837]  ? pmd_alloc+0x180/0x180
[  335.324230][T15837]  ? vma_compute_subtree_gap+0x158/0x230
[  335.329890][T15837]  ? validate_mm_rb+0xa3/0xc0
[  335.334586][T15837]  ? __vma_link_rb+0x279/0x370
[  335.339527][T15837]  copy_process.part.0+0x568b/0x7980
[  335.344952][T15837]  ? __cleanup_sighand+0x60/0x60
[  335.349911][T15837]  ? lock_downgrade+0x880/0x880
[  335.354786][T15837]  ? kasan_check_write+0x14/0x20
[  335.359762][T15837]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  335.365324][T15837]  _do_fork+0x257/0xfd0
[  335.369500][T15837]  ? fork_idle+0x1d0/0x1d0
[  335.374108][T15837]  ? fput+0x1b/0x20
[  335.377930][T15837]  ? ksys_write+0x166/0x1f0
03:38:21 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000001700))
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:21 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)

[  335.377952][T15837]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  335.377969][T15837]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  335.377985][T15837]  ? do_syscall_64+0x26/0x610
[  335.378000][T15837]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  335.378014][T15837]  ? do_syscall_64+0x26/0x610
[  335.378035][T15837]  __x64_sys_clone+0xbf/0x150
[  335.393552][T15837]  do_syscall_64+0x103/0x610
[  335.393575][T15837]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  335.393592][T15837] RIP: 0033:0x4582b9
[  335.393608][T15837] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  335.393616][T15837] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  335.393630][T15837] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  335.393638][T15837] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  335.393646][T15837] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:38:21 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x8, 0x401, 0x0, 0x2, 0xfffffffffffffffe, 0x9c4f, 0x5, {<r1=>0x0, @in6={{0xa, 0x4e23, 0x80, @dev={0xfe, 0x80, [], 0x22}, 0xa52}}, 0x2, 0x100000001, 0x9, 0x5, 0x2}}, &(0x7f00000000c0)=0xb0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r1, 0xd53}, 0x8)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000300)=0x3)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000140)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b070000000000000000000000000000000000000000000000000000000000000000000000000000000000d5242079000000000000000000000000000000000000e7ff0000000000000000000000000000000000000000000000000000000000000035cc7c1c786a81e33397977726c5ac875052cde374676237d3f37c854c2879ddfdc89df4132cce762dd8e36a68f629428a8ee9f9651173332442d56b9f0016d645ef1680eb73892f76a5fa9aad4add0f8687468c97873154026019af26e2f9db442434a6bbcaf65f029cf931ab54f0cc6f0af5bcdd34d4ad4a88123eb2e9f7500c509046b9a85f3d49da73757abd0e3fbbcda885bad8bf410a82a88da510b0f934fdf1874435c7b0577591194e08791ad53f6488ec572d8adae34d6b95adee53ffb2a0e9bf9b2cfd37052679c3382a02e193a45373942eff8306632337521105aa3f97cb74cd2367"], 0x1)

03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  335.393654][T15837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  335.393662][T15837] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:21 executing program 1 (fault-call:3 fault-nth:28):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:21 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x6)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x2100, 0x0)
ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000040))
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b01000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000069ecf14fffff0000000000000000"], 0x1)

[  335.585558][T15868] QAT: Invalid ioctl
[  335.636929][T15870] FAULT_INJECTION: forcing a failure.
[  335.636929][T15870] name failslab, interval 1, probability 0, space 0, times 0
[  335.657079][T15868] QAT: Invalid ioctl
[  335.681626][T15870] CPU: 0 PID: 15870 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  335.689646][T15870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  335.699714][T15870] Call Trace:
[  335.703032][T15870]  dump_stack+0x172/0x1f0
[  335.707387][T15870]  should_fail.cold+0xa/0x15
[  335.712017][T15870]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  335.717852][T15870]  ? ___might_sleep+0x163/0x280
[  335.722745][T15870]  __should_failslab+0x121/0x190
[  335.727693][T15870]  should_failslab+0x9/0x14
[  335.732219][T15870]  kmem_cache_alloc+0x2b2/0x6f0
[  335.732234][T15870]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  335.732248][T15870]  ? __vm_enough_memory+0x320/0x5a0
[  335.732274][T15870]  vm_area_dup+0x21/0x170
[  335.743658][T15870]  copy_process.part.0+0x3431/0x7980
[  335.743699][T15870]  ? __cleanup_sighand+0x60/0x60
[  335.743714][T15870]  ? lock_downgrade+0x880/0x880
[  335.743739][T15870]  ? kasan_check_write+0x14/0x20
[  335.773181][T15870]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  335.778713][T15870]  _do_fork+0x257/0xfd0
[  335.782884][T15870]  ? fork_idle+0x1d0/0x1d0
[  335.787659][T15870]  ? fput+0x1b/0x20
[  335.791545][T15870]  ? ksys_write+0x166/0x1f0
[  335.796042][T15870]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  335.801508][T15870]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  335.806992][T15870]  ? do_syscall_64+0x26/0x610
[  335.811653][T15870]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  335.817800][T15870]  ? do_syscall_64+0x26/0x610
[  335.822488][T15870]  __x64_sys_clone+0xbf/0x150
[  335.827177][T15870]  do_syscall_64+0x103/0x610
[  335.831758][T15870]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  335.837652][T15870] RIP: 0033:0x4582b9
[  335.841531][T15870] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  335.861123][T15870] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  335.869516][T15870] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  335.877481][T15870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  335.885433][T15870] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  335.893394][T15870] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  335.901359][T15870] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:24 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:38:24 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x7, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:24 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000001700))
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:24 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x40000, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:24 executing program 1 (fault-call:3 fault-nth:29):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  338.210856][T15888] FAULT_INJECTION: forcing a failure.
[  338.210856][T15888] name failslab, interval 1, probability 0, space 0, times 0
[  338.231013][T15888] CPU: 0 PID: 15888 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  338.239057][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  338.249127][T15888] Call Trace:
[  338.252439][T15888]  dump_stack+0x172/0x1f0
[  338.256801][T15888]  should_fail.cold+0xa/0x15
[  338.261429][T15888]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  338.267251][T15888]  ? find_held_lock+0x35/0x130
[  338.272117][T15888]  ? percpu_ref_put_many+0x94/0x190
[  338.277335][T15888]  __should_failslab+0x121/0x190
[  338.282291][T15888]  should_failslab+0x9/0x14
[  338.286840][T15888]  kmem_cache_alloc+0x47/0x6f0
[  338.291637][T15888]  anon_vma_clone+0xde/0x480
[  338.296243][T15888]  anon_vma_fork+0x8f/0x4a0
[  338.300761][T15888]  ? dup_userfaultfd+0x15e/0x6d0
[  338.305709][T15888]  ? memcpy+0x46/0x50
[  338.309708][T15888]  copy_process.part.0+0x350f/0x7980
[  338.315067][T15888]  ? __cleanup_sighand+0x60/0x60
[  338.320053][T15888]  ? lock_downgrade+0x880/0x880
[  338.325185][T15888]  ? kasan_check_write+0x14/0x20
[  338.330232][T15888]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  338.335800][T15888]  _do_fork+0x257/0xfd0
[  338.339995][T15888]  ? fork_idle+0x1d0/0x1d0
[  338.344449][T15888]  ? fput+0x1b/0x20
[  338.348275][T15888]  ? ksys_write+0x166/0x1f0
[  338.352800][T15888]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  338.358284][T15888]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  338.363857][T15888]  ? do_syscall_64+0x26/0x610
[  338.368566][T15888]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  338.374660][T15888]  ? do_syscall_64+0x26/0x610
[  338.379357][T15888]  __x64_sys_clone+0xbf/0x150
[  338.384063][T15888]  do_syscall_64+0x103/0x610
[  338.388668][T15888]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  338.394597][T15888] RIP: 0033:0x4582b9
[  338.398511][T15888] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  338.418867][T15888] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  338.427576][T15888] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  338.435560][T15888] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  338.435579][T15888] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  338.435588][T15888] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:38:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:24 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000040000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:24 executing program 5:
r0 = dup(0xffffffffffffff9c)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f00000000c0)=0x80, 0x4)
r1 = socket$inet6(0xa, 0x80001, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101082, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000040)=0x10001)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))

03:38:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:24 executing program 5:
r0 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000000)=0x7)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  338.435595][T15888] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:25 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:38:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:25 executing program 1 (fault-call:3 fault-nth:30):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:25 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[0x0])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:25 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:25 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  339.117311][T15934] FAULT_INJECTION: forcing a failure.
[  339.117311][T15934] name failslab, interval 1, probability 0, space 0, times 0
[  339.131524][T15934] CPU: 1 PID: 15934 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  339.139789][T15934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  339.149850][T15934] Call Trace:
[  339.153160][T15934]  dump_stack+0x172/0x1f0
[  339.157509][T15934]  should_fail.cold+0xa/0x15
[  339.162208][T15934]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  339.168018][T15934]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  339.174273][T15934]  ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220
[  339.181319][T15934]  __should_failslab+0x121/0x190
[  339.186310][T15934]  should_failslab+0x9/0x14
[  339.190826][T15934]  kmem_cache_alloc+0x47/0x6f0
[  339.195604][T15934]  ? anon_vma_chain_link+0x154/0x1c0
[  339.200902][T15934]  anon_vma_clone+0xde/0x480
[  339.205507][T15934]  anon_vma_fork+0x8f/0x4a0
[  339.210018][T15934]  ? dup_userfaultfd+0x15e/0x6d0
[  339.214968][T15934]  ? memcpy+0x46/0x50
[  339.218971][T15934]  copy_process.part.0+0x350f/0x7980
[  339.224299][T15934]  ? __cleanup_sighand+0x60/0x60
[  339.229278][T15934]  ? lock_downgrade+0x880/0x880
[  339.234146][T15934]  ? kasan_check_write+0x14/0x20
[  339.239095][T15934]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  339.245371][T15934]  _do_fork+0x257/0xfd0
[  339.245394][T15934]  ? fork_idle+0x1d0/0x1d0
[  339.245418][T15934]  ? fput+0x1b/0x20
[  339.245435][T15934]  ? ksys_write+0x166/0x1f0
03:38:25 executing program 5:
r0 = socket$inet6(0xa, 0x100000000a0001, 0x1)
getpeername$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000100)=0x1c)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000140)={'icmp\x00'}, &(0x7f0000000180)=0x1e)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x80, 0x80)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x8, 0x110, r1, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000200), &(0x7f0000000280)=0x4)
clock_gettime(0x0, &(0x7f0000000240)={<r2=>0x0, <r3=>0x0})
futimesat(r1, &(0x7f0000000340)='./file0\x00', &(0x7f0000000300)={{r2, r3/1000+30000}})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000001001b0100000000000000000400000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000073380000000001000000000000005af86111024c840a0ea48c0d9c9b248bf4bde31768f6889d0148ec38a6eb0608"], 0x1)

03:38:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:25 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x40, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000040)={<r1=>0x0})
ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000080)={r1})
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e24, 0xe802, @empty, 0x1ff}, 0x1c)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  339.245456][T15934]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  339.245472][T15934]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  339.245487][T15934]  ? do_syscall_64+0x26/0x610
[  339.245503][T15934]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  339.245516][T15934]  ? do_syscall_64+0x26/0x610
[  339.245536][T15934]  __x64_sys_clone+0xbf/0x150
[  339.245555][T15934]  do_syscall_64+0x103/0x610
[  339.245574][T15934]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  339.245586][T15934] RIP: 0033:0x4582b9
[  339.245602][T15934] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  339.245610][T15934] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  339.245626][T15934] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  339.245635][T15934] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.245644][T15934] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:38:25 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[0x0])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:25 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x2, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYRES32], 0x1)

[  339.245653][T15934] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  339.245662][T15934] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:26 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:38:26 executing program 1 (fault-call:3 fault-nth:31):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0xe, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:26 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[0x0])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="227f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:26 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x80000000000000)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x3f, &(0x7f0000000000)="9408ed2f1cc57fea7e9f64e7a9dfc0311ebbed462ec317d60cfdbaa7e688217b852cb919d190b66d7beafbf65f3ae9444de84a42d90464650ff95783f8323e09f6ff55ee94ef35aa6c1ddb4f222a36f78586c264f01b8608f2f92d2e3fc1374af812afc8f1a714affd3744b309f10f9dbe25e74274a1266634c802511ee9be959907babb3c3fdc31af2f92291b43fe41f26d3c8b0a2ef170ec", 0x99)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYRESOCT=r0], 0x1)

03:38:26 executing program 5:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x40, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000008, 0x10, r0, 0x100000000)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000040)={0x0, 0x7530}, 0x10)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000000), 0xc40f246af9ecc68c)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  340.038928][T15986] FAULT_INJECTION: forcing a failure.
[  340.038928][T15986] name failslab, interval 1, probability 0, space 0, times 0
[  340.082194][T15986] CPU: 0 PID: 15986 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  340.090208][T15986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  340.100281][T15986] Call Trace:
[  340.103644][T15986]  dump_stack+0x172/0x1f0
[  340.108012][T15986]  should_fail.cold+0xa/0x15
[  340.108042][T15986]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  340.118424][T15986]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  340.118450][T15986]  __should_failslab+0x121/0x190
[  340.118469][T15986]  should_failslab+0x9/0x14
[  340.134174][T15986]  kmem_cache_alloc+0x47/0x6f0
[  340.138949][T15986]  ? anon_vma_chain_link+0x154/0x1c0
[  340.144246][T15986]  anon_vma_clone+0xde/0x480
[  340.148856][T15986]  anon_vma_fork+0x8f/0x4a0
[  340.153379][T15986]  ? dup_userfaultfd+0x15e/0x6d0
[  340.158329][T15986]  ? memcpy+0x46/0x50
[  340.162325][T15986]  copy_process.part.0+0x350f/0x7980
[  340.167770][T15986]  ? __cleanup_sighand+0x60/0x60
[  340.174286][T15986]  ? lock_downgrade+0x880/0x880
03:38:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:26 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  340.179164][T15986]  ? kasan_check_write+0x14/0x20
[  340.184150][T15986]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  340.189711][T15986]  _do_fork+0x257/0xfd0
[  340.193896][T15986]  ? fork_idle+0x1d0/0x1d0
[  340.198332][T15986]  ? fput+0x1b/0x20
[  340.202177][T15986]  ? ksys_write+0x166/0x1f0
[  340.206693][T15986]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  340.206710][T15986]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  340.206725][T15986]  ? do_syscall_64+0x26/0x610
[  340.206741][T15986]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  340.206754][T15986]  ? do_syscall_64+0x26/0x610
[  340.206782][T15986]  __x64_sys_clone+0xbf/0x150
[  340.222377][T15986]  do_syscall_64+0x103/0x610
[  340.222399][T15986]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  340.222411][T15986] RIP: 0033:0x4582b9
[  340.222426][T15986] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  340.222434][T15986] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:38:26 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0xfffffffffffffffa)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x4e23, 0x0, @rand_addr="3d597f65385280fd7d56376b94e499b3", 0x400000000000000}}}, 0xfffffffffffffe85)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  340.222450][T15986] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  340.222458][T15986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  340.222467][T15986] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  340.222475][T15986] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  340.222483][T15986] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:26 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:38:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:26 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:26 executing program 1 (fault-call:3 fault-nth:32):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x500, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:26 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x4)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff01000000000000000059d7d2c8da55ffd100000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000855a5209d9d3949ba3e33c7f3fe21b24d133adc7457f25da58f9f71c7c4ba2130a4fdb07adc31cd473d4e90a3497f2c6bad7af7f779e246713fdb2af8b24d3d59480d52c948f0c4424ce7f9ae9350de835e42d61331559cea460189da0e479498e9f29322a960d0ee48def8f4d52187e9e92c1ae8be91c9b24560806e4aa374f7d36579e6024d3973927f583d2f271854e65e020000009d184c1ea6392a39d10b557352"], 0x1)
getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000), &(0x7f00000001c0)=0xb)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x22000, 0x0)

[  340.886058][T16025] FAULT_INJECTION: forcing a failure.
[  340.886058][T16025] name failslab, interval 1, probability 0, space 0, times 0
[  340.914744][T16025] CPU: 0 PID: 16025 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  340.922761][T16025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  340.932843][T16025] Call Trace:
[  340.932876][T16025]  dump_stack+0x172/0x1f0
[  340.932910][T16025]  should_fail.cold+0xa/0x15
[  340.932934][T16025]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  340.940648][T16025]  ? ___might_sleep+0x163/0x280
[  340.940670][T16025]  __should_failslab+0x121/0x190
[  340.940705][T16025]  should_failslab+0x9/0x14
[  340.965385][T16025]  kmem_cache_alloc+0x2b2/0x6f0
[  340.965400][T16025]  ? anon_vma_clone+0x320/0x480
[  340.965423][T16025]  anon_vma_fork+0xfc/0x4a0
[  340.965438][T16025]  ? dup_userfaultfd+0x15e/0x6d0
[  340.965453][T16025]  ? memcpy+0x46/0x50
[  340.965477][T16025]  copy_process.part.0+0x350f/0x7980
[  340.965516][T16025]  ? __cleanup_sighand+0x60/0x60
[  340.984728][T16025]  ? lock_downgrade+0x880/0x880
[  340.984755][T16025]  ? kasan_check_write+0x14/0x20
[  340.984773][T16025]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  340.984797][T16025]  _do_fork+0x257/0xfd0
[  340.984818][T16025]  ? fork_idle+0x1d0/0x1d0
[  340.984848][T16025]  ? fput+0x1b/0x20
[  341.026778][T16025]  ? ksys_write+0x166/0x1f0
[  341.031308][T16025]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:38:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:27 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000000)={<r1=>0x0, 0x5}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={r1, 0xffff}, 0x8)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:27 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={<r1=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000100)='vmnet1^(\x00'}, 0x30)
tkill(r1, 0x1a)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000140)=ANY=[@ANYRESOCT=r0], 0x1)
r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, r2)

[  341.036772][T16025]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  341.042252][T16025]  ? do_syscall_64+0x26/0x610
[  341.046949][T16025]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  341.053061][T16025]  ? do_syscall_64+0x26/0x610
[  341.057757][T16025]  __x64_sys_clone+0xbf/0x150
[  341.062469][T16025]  do_syscall_64+0x103/0x610
[  341.062491][T16025]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  341.062509][T16025] RIP: 0033:0x4582b9
[  341.072982][T16025] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  341.072990][T16025] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  341.073005][T16025] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  341.073012][T16025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.073021][T16025] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  341.073028][T16025] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  341.073036][T16025] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:27 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x700, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:27 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:38:27 executing program 4:
pipe(&(0x7f0000000400))
io_setup(0x9, &(0x7f0000000240)=<r0=>0x0)
io_submit(r0, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000180)="88", 0x1}])
io_destroy(r0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r1, 0x1000000000016)

03:38:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:27 executing program 5:
r0 = socket$inet6(0xa, 0xa, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0\x00', <r2=>0x0})
bind$xdp(r1, &(0x7f0000000200)={0x2c, 0x1, r2, 0x3, r0}, 0x10)

03:38:27 executing program 1 (fault-call:3 fault-nth:33):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:27 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0xe00, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  341.790763][T16067] FAULT_INJECTION: forcing a failure.
[  341.790763][T16067] name failslab, interval 1, probability 0, space 0, times 0
[  341.812753][T16067] CPU: 0 PID: 16067 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  341.820767][T16067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  341.820780][T16067] Call Trace:
[  341.834149][T16067]  dump_stack+0x172/0x1f0
[  341.838505][T16067]  should_fail.cold+0xa/0x15
[  341.843116][T16067]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  341.848933][T16067]  ? ___might_sleep+0x163/0x280
[  341.848955][T16067]  __should_failslab+0x121/0x190
[  341.848971][T16067]  should_failslab+0x9/0x14
[  341.848988][T16067]  kmem_cache_alloc+0x2b2/0x6f0
[  341.849003][T16067]  ? anon_vma_clone+0x320/0x480
[  341.849026][T16067]  anon_vma_fork+0x1ea/0x4a0
[  341.877757][T16067]  ? dup_userfaultfd+0x15e/0x6d0
[  341.882714][T16067]  copy_process.part.0+0x350f/0x7980
[  341.888048][T16067]  ? __cleanup_sighand+0x60/0x60
[  341.893000][T16067]  ? lock_downgrade+0x880/0x880
[  341.897960][T16067]  ? kasan_check_write+0x14/0x20
[  341.897991][T16067]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  341.898014][T16067]  _do_fork+0x257/0xfd0
[  341.898086][T16067]  ? fork_idle+0x1d0/0x1d0
[  341.917106][T16067]  ? fput+0x1b/0x20
[  341.920933][T16067]  ? ksys_write+0x166/0x1f0
[  341.925445][T16067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  341.930916][T16067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  341.936385][T16067]  ? do_syscall_64+0x26/0x610
03:38:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:28 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0xffffffff00000001, 0x2000)
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000100)=0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  341.941072][T16067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  341.947156][T16067]  ? do_syscall_64+0x26/0x610
[  341.951874][T16067]  __x64_sys_clone+0xbf/0x150
[  341.956579][T16067]  do_syscall_64+0x103/0x610
[  341.961186][T16067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  341.961199][T16067] RIP: 0033:0x4582b9
[  341.961214][T16067] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  341.961223][T16067] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  341.961250][T16067] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  341.961258][T16067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.961267][T16067] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  341.961276][T16067] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  341.961284][T16067] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:28 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:28 executing program 1 (fault-call:3 fault-nth:34):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  342.237468][T16106] FAULT_INJECTION: forcing a failure.
[  342.237468][T16106] name failslab, interval 1, probability 0, space 0, times 0
[  342.251700][T16106] CPU: 0 PID: 16106 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  342.259708][T16106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  342.269767][T16106] Call Trace:
[  342.273083][T16106]  dump_stack+0x172/0x1f0
[  342.277436][T16106]  should_fail.cold+0xa/0x15
[  342.282056][T16106]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  342.287919][T16106]  ? ___might_sleep+0x163/0x280
[  342.292787][T16106]  __should_failslab+0x121/0x190
[  342.297741][T16106]  should_failslab+0x9/0x14
[  342.302259][T16106]  kmem_cache_alloc+0x2b2/0x6f0
[  342.302274][T16106]  ? validate_mm_rb+0xa3/0xc0
[  342.302297][T16106]  vm_area_dup+0x21/0x170
[  342.302314][T16106]  copy_process.part.0+0x3431/0x7980
[  342.302371][T16106]  ? __cleanup_sighand+0x60/0x60
[  342.326524][T16106]  ? lock_downgrade+0x880/0x880
[  342.331397][T16106]  ? kasan_check_write+0x14/0x20
[  342.336351][T16106]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  342.341954][T16106]  _do_fork+0x257/0xfd0
[  342.346117][T16106]  ? fork_idle+0x1d0/0x1d0
[  342.350519][T16106]  ? fput+0x1b/0x20
[  342.354312][T16106]  ? ksys_write+0x166/0x1f0
[  342.358805][T16106]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  342.364447][T16106]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  342.369918][T16106]  ? do_syscall_64+0x26/0x610
[  342.374604][T16106]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  342.380666][T16106]  ? do_syscall_64+0x26/0x610
[  342.385336][T16106]  __x64_sys_clone+0xbf/0x150
[  342.390012][T16106]  do_syscall_64+0x103/0x610
[  342.394621][T16106]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  342.400499][T16106] RIP: 0033:0x4582b9
[  342.404394][T16106] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  342.424016][T16106] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  342.432435][T16106] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  342.440415][T16106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.448374][T16106] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  342.456340][T16106] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  342.464308][T16106] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:28 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:38:28 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:28 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3f00, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:28 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000003e5491a200001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x1, 0x0)

03:38:28 executing program 1 (fault-call:3 fault-nth:35):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  342.676380][T16123] FAULT_INJECTION: forcing a failure.
[  342.676380][T16123] name failslab, interval 1, probability 0, space 0, times 0
[  342.690315][T16123] CPU: 0 PID: 16123 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  342.698303][T16123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  342.708359][T16123] Call Trace:
[  342.711671][T16123]  dump_stack+0x172/0x1f0
[  342.716020][T16123]  should_fail.cold+0xa/0x15
[  342.720645][T16123]  ? fault_create_debugfs_attr+0x1e0/0x1e0
03:38:28 executing program 5:
r0 = socket$inet6(0xa, 0x80007, 0x3)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0xffff}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  342.726564][T16123]  ? ___might_sleep+0x163/0x280
[  342.731528][T16123]  __should_failslab+0x121/0x190
[  342.736485][T16123]  should_failslab+0x9/0x14
[  342.741007][T16123]  kmem_cache_alloc+0x2b2/0x6f0
[  342.745884][T16123]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  342.751616][T16123]  ? __vm_enough_memory+0x320/0x5a0
[  342.756848][T16123]  vm_area_dup+0x21/0x170
[  342.761187][T16123]  copy_process.part.0+0x3431/0x7980
[  342.761230][T16123]  ? __cleanup_sighand+0x60/0x60
[  342.771444][T16123]  ? lock_downgrade+0x880/0x880
03:38:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  342.771470][T16123]  ? kasan_check_write+0x14/0x20
[  342.771487][T16123]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  342.771508][T16123]  _do_fork+0x257/0xfd0
[  342.771530][T16123]  ? fork_idle+0x1d0/0x1d0
[  342.771556][T16123]  ? fput+0x1b/0x20
[  342.771574][T16123]  ? ksys_write+0x166/0x1f0
[  342.771593][T16123]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  342.771615][T16123]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  342.791085][T16123]  ? do_syscall_64+0x26/0x610
[  342.791103][T16123]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  342.791117][T16123]  ? do_syscall_64+0x26/0x610
[  342.791138][T16123]  __x64_sys_clone+0xbf/0x150
[  342.791158][T16123]  do_syscall_64+0x103/0x610
[  342.809337][T16123]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  342.809350][T16123] RIP: 0033:0x4582b9
[  342.809366][T16123] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  342.809374][T16123] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:38:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  342.877371][T16123] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  342.885345][T16123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.893334][T16123] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  342.901309][T16123] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  342.909288][T16123] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:29 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x1000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:29 executing program 1 (fault-call:3 fault-nth:36):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  343.527716][T16157] FAULT_INJECTION: forcing a failure.
[  343.527716][T16157] name failslab, interval 1, probability 0, space 0, times 0
[  343.542155][T16157] CPU: 0 PID: 16157 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  343.550165][T16157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  343.560218][T16157] Call Trace:
[  343.563502][T16157]  dump_stack+0x172/0x1f0
[  343.567943][T16157]  should_fail.cold+0xa/0x15
[  343.572526][T16157]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  343.578315][T16157]  ? find_held_lock+0x35/0x130
[  343.583060][T16157]  ? percpu_ref_put_many+0x94/0x190
[  343.588239][T16157]  __should_failslab+0x121/0x190
[  343.593246][T16157]  should_failslab+0x9/0x14
[  343.597732][T16157]  kmem_cache_alloc+0x47/0x6f0
[  343.602507][T16157]  anon_vma_clone+0xde/0x480
[  343.607231][T16157]  anon_vma_fork+0x8f/0x4a0
[  343.611718][T16157]  ? dup_userfaultfd+0x15e/0x6d0
[  343.616634][T16157]  ? memcpy+0x46/0x50
[  343.620622][T16157]  copy_process.part.0+0x350f/0x7980
[  343.626250][T16157]  ? __cleanup_sighand+0x60/0x60
[  343.631168][T16157]  ? lock_downgrade+0x880/0x880
[  343.636003][T16157]  ? kasan_check_write+0x14/0x20
[  343.641556][T16157]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  343.647084][T16157]  _do_fork+0x257/0xfd0
[  343.651221][T16157]  ? fork_idle+0x1d0/0x1d0
[  343.655617][T16157]  ? fput+0x1b/0x20
[  343.659404][T16157]  ? ksys_write+0x166/0x1f0
[  343.663890][T16157]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  343.669330][T16157]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  343.674796][T16157]  ? do_syscall_64+0x26/0x610
[  343.679566][T16157]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  343.685613][T16157]  ? do_syscall_64+0x26/0x610
[  343.690272][T16157]  __x64_sys_clone+0xbf/0x150
[  343.694942][T16157]  do_syscall_64+0x103/0x610
[  343.699514][T16157]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  343.705383][T16157] RIP: 0033:0x4582b9
[  343.709257][T16157] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  343.728842][T16157] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  343.737255][T16157] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  343.746008][T16157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  343.753973][T16157] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  343.761927][T16157] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  343.769883][T16157] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="228f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:31 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:31 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x2000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:31 executing program 3:

03:38:31 executing program 1 (fault-call:3 fault-nth:37):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:31 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000000)={<r2=>0x0, 0x909}, &(0x7f0000000180)=0xc)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e21, @remote}}, 0x81, 0x100000001}, 0x90)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r1, 0x110, 0x3)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f0000000140)={0x100000001, 0x0, 0xf70, 0x8})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff01000000000000000000000000000000000000000000b1dcb40dd30000000000001d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/149], 0x1)

03:38:31 executing program 3:

03:38:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x7)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = fcntl$dupfd(r0, 0x406, r0)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x20000, 0x0)
ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f0000000040)={0x34})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000a17662d7f1644b727b2a65354b2ce49ae73646bc23783a9980a321713bb474629b342e2448d4c78f080c745cdcccc131d7c56f4f91191d1eac02354e51d5d94177cd83ad53c21a9d7acb5f56732d2f78fcd610c1b69f5155686a04932dcf7cd34342b20113eb19a8a437c33a17bff6aec909e8051ade40"], 0x1)

03:38:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  345.744235][T16169] FAULT_INJECTION: forcing a failure.
[  345.744235][T16169] name failslab, interval 1, probability 0, space 0, times 0
[  345.776187][T16169] CPU: 0 PID: 16169 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  345.784209][T16169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
03:38:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  345.794277][T16169] Call Trace:
[  345.797590][T16169]  dump_stack+0x172/0x1f0
[  345.801952][T16169]  should_fail.cold+0xa/0x15
[  345.806562][T16169]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  345.812396][T16169]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  345.818665][T16169]  __should_failslab+0x121/0x190
[  345.823614][T16169]  should_failslab+0x9/0x14
[  345.828135][T16169]  kmem_cache_alloc+0x47/0x6f0
[  345.832926][T16169]  ? anon_vma_chain_link+0x154/0x1c0
[  345.838226][T16169]  anon_vma_clone+0xde/0x480
03:38:31 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={<r1=>0x0, 0x8}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080)=r1, 0x4)
fstatfs(r0, &(0x7f00000000c0)=""/105)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x4e24, 0x0, @local}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  345.842834][T16169]  anon_vma_fork+0x8f/0x4a0
[  345.847351][T16169]  ? dup_userfaultfd+0x15e/0x6d0
[  345.852300][T16169]  ? memcpy+0x46/0x50
[  345.856304][T16169]  copy_process.part.0+0x350f/0x7980
[  345.861625][T16169]  ? __cleanup_sighand+0x60/0x60
[  345.866589][T16169]  ? lock_downgrade+0x880/0x880
[  345.871470][T16169]  ? kasan_check_write+0x14/0x20
[  345.876423][T16169]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  345.882000][T16169]  _do_fork+0x257/0xfd0
[  345.886183][T16169]  ? fork_idle+0x1d0/0x1d0
[  345.890616][T16169]  ? fput+0x1b/0x20
03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  345.894439][T16169]  ? ksys_write+0x166/0x1f0
[  345.898975][T16169]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  345.904447][T16169]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  345.909925][T16169]  ? do_syscall_64+0x26/0x610
[  345.914616][T16169]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  345.920688][T16169]  ? do_syscall_64+0x26/0x610
[  345.925378][T16169]  __x64_sys_clone+0xbf/0x150
[  345.930064][T16169]  do_syscall_64+0x103/0x610
[  345.934679][T16169]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  345.940572][T16169] RIP: 0033:0x4582b9
03:38:32 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000), 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x2)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@loopback, @in6=@loopback, 0x4e22, 0x1, 0x4e22, 0x8001, 0xa, 0x80, 0x20, 0x0, 0x0, r2}, {0x18f3, 0x3fffffff800000, 0x955, 0x8, 0x7ff, 0x54, 0x401, 0xffff}, {0x1000, 0x0, 0x10000, 0x6}, 0x0, 0x6e6bb1, 0x0, 0x1, 0x3}, {{@in6=@loopback, 0x4d4, 0xff}, 0xa, @in=@rand_addr=0x3, 0x34ff, 0x3, 0x2, 0x7, 0x9, 0x3, 0xffffffffffffae2e}}, 0xe8)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000006376000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  345.944481][T16169] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  345.964098][T16169] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  345.972529][T16169] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  345.980504][T16169] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.988484][T16169] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  345.996460][T16169] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  346.004435][T16169] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:32 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, 0x0}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:32 executing program 3:

03:38:32 executing program 1 (fault-call:3 fault-nth:38):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:32 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:32 executing program 3:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x3)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x14)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)

03:38:32 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:32 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  346.320470][T16218] FAULT_INJECTION: forcing a failure.
[  346.320470][T16218] name failslab, interval 1, probability 0, space 0, times 0
03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:32 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x4000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:32 executing program 3:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x44000400000002, 0x0)
write$P9_RXATTRWALK(0xffffffffffffffff, 0x0, 0x0)
write$P9_RSTATFS(r0, 0x0, 0x0)

[  346.384179][T16218] CPU: 0 PID: 16218 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  346.392206][T16218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  346.402274][T16218] Call Trace:
[  346.405588][T16218]  dump_stack+0x172/0x1f0
[  346.409951][T16218]  should_fail.cold+0xa/0x15
[  346.414575][T16218]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  346.420421][T16218]  ? ___might_sleep+0x163/0x280
[  346.425304][T16218]  __should_failslab+0x121/0x190
03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  346.430263][T16218]  should_failslab+0x9/0x14
[  346.434783][T16218]  kmem_cache_alloc+0x2b2/0x6f0
[  346.439659][T16218]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  346.445403][T16218]  ? __vm_enough_memory+0x320/0x5a0
[  346.450623][T16218]  vm_area_dup+0x21/0x170
[  346.454962][T16218]  copy_process.part.0+0x3431/0x7980
[  346.460285][T16218]  ? __cleanup_sighand+0x60/0x60
[  346.465257][T16218]  ? lock_downgrade+0x880/0x880
[  346.470137][T16218]  ? kasan_check_write+0x14/0x20
[  346.475099][T16218]  ? __mutex_unlock_slowpath+0xf8/0x6b0
03:38:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetl\x04\x00\x00\x00\x00\x00\x00\x00age_ir_Z\xa2\xf4es\x00', 0x275a, 0x0)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
ioctl(0xffffffffffffffff, 0x0, 0x0)

[  346.480748][T16218]  _do_fork+0x257/0xfd0
[  346.484929][T16218]  ? fork_idle+0x1d0/0x1d0
[  346.489384][T16218]  ? fput+0x1b/0x20
[  346.493199][T16218]  ? ksys_write+0x166/0x1f0
[  346.497715][T16218]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  346.503185][T16218]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  346.508660][T16218]  ? do_syscall_64+0x26/0x610
[  346.513350][T16218]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  346.519689][T16218]  ? do_syscall_64+0x26/0x610
[  346.524480][T16218]  __x64_sys_clone+0xbf/0x150
[  346.529176][T16218]  do_syscall_64+0x103/0x610
03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  346.533775][T16218]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  346.539703][T16218] RIP: 0033:0x4582b9
[  346.543609][T16218] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  346.563223][T16218] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  346.571647][T16218] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  346.579646][T16218] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  346.587624][T16218] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  346.595599][T16218] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  346.603585][T16218] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:32 executing program 1 (fault-call:3 fault-nth:39):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:32 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)

03:38:32 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x5000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:32 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229a01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  346.836343][T16254] FAULT_INJECTION: forcing a failure.
[  346.836343][T16254] name failslab, interval 1, probability 0, space 0, times 0
03:38:33 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip_tables_names\x00')
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@hyper})

[  346.882527][T16254] CPU: 1 PID: 16254 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  346.890538][T16254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  346.900606][T16254] Call Trace:
[  346.903921][T16254]  dump_stack+0x172/0x1f0
[  346.908269][T16254]  should_fail.cold+0xa/0x15
[  346.912881][T16254]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  346.918702][T16254]  ? ___might_sleep+0x163/0x280
[  346.918723][T16254]  __should_failslab+0x121/0x190
[  346.918742][T16254]  should_failslab+0x9/0x14
[  346.933034][T16254]  kmem_cache_alloc+0x2b2/0x6f0
[  346.933050][T16254]  ? anon_vma_clone+0x320/0x480
[  346.933072][T16254]  anon_vma_fork+0xfc/0x4a0
[  346.933087][T16254]  ? dup_userfaultfd+0x15e/0x6d0
[  346.933100][T16254]  ? memcpy+0x46/0x50
[  346.933123][T16254]  copy_process.part.0+0x350f/0x7980
[  346.933164][T16254]  ? __cleanup_sighand+0x60/0x60
[  346.966463][T16254]  ? lock_downgrade+0x880/0x880
[  346.971329][T16254]  ? kasan_check_write+0x14/0x20
[  346.976281][T16254]  ? __mutex_unlock_slowpath+0xf8/0x6b0
03:38:33 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x7000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  346.981862][T16254]  _do_fork+0x257/0xfd0
[  346.986031][T16254]  ? fork_idle+0x1d0/0x1d0
[  346.990459][T16254]  ? fput+0x1b/0x20
[  346.994368][T16254]  ? ksys_write+0x166/0x1f0
[  346.998895][T16254]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.004364][T16254]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.009852][T16254]  ? do_syscall_64+0x26/0x610
[  347.014536][T16254]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  347.020609][T16254]  ? do_syscall_64+0x26/0x610
[  347.025301][T16254]  __x64_sys_clone+0xbf/0x150
03:38:33 executing program 5:
clock_gettime(0x0, &(0x7f0000000000)={<r0=>0x0, <r1=>0x0})
r2 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x0, 0x101000)
ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000840)={0x9, "0cc6ee0181392cf54dd316d51b147006dda88290a316cdd32ee2cac9141bc85d", 0x1, 0x1})
ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f00000000c0))
clock_settime(0x7, &(0x7f0000000040)={r0, r1+10000000})
fcntl$getownex(r2, 0x10, &(0x7f0000000800)={0x0, <r3=>0x0})
ptrace$pokeuser(0x6, r3, 0x8, 0x2)
socket$inet6(0xa, 0x3, 0x200)
r4 = socket$inet6(0xa, 0x80002, 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000000200)={0xffd, {{0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x100}}}, 0xffffffffffffff3e)
clock_gettime(0x0, &(0x7f00000002c0)={<r5=>0x0, <r6=>0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f0000000300)={{0x9, 0x7, 0xfffffffffffffff7, 0xb514, 'syz1\x00', 0x9}, 0x1, [0x10000, 0x4, 0xee1, 0x1, 0x0, 0x8, 0x4, 0x4, 0x3, 0x3, 0x9, 0x6, 0x0, 0x1f, 0x7, 0x8, 0x9f, 0x1, 0x7fffffff, 0x6, 0x101, 0x10001, 0x4, 0x4, 0xbfee, 0x81, 0x10000, 0x9, 0xe4, 0x3ff, 0x2, 0xa1, 0x7fff, 0x1ff, 0x2, 0x0, 0x79, 0x400, 0x8b, 0x9, 0x7fff, 0x81, 0x9ee2, 0x3, 0x26e0, 0x3, 0x3, 0xa0, 0x2, 0x7fff, 0xd46, 0x5, 0x100000001, 0x0, 0x1d, 0xae, 0x9, 0x94, 0x1f, 0x0, 0x9, 0x8001, 0x80000001, 0x7, 0x6, 0x9, 0x1000, 0x1, 0x7ff, 0x7fff, 0x88e83d3, 0x2, 0x0, 0x80000000, 0x7ff, 0x6f2, 0x6, 0x2, 0x5, 0x0, 0x5, 0x3, 0x2ee, 0x800, 0x0, 0x7, 0x20, 0x2, 0x10000, 0x10001, 0x3f, 0x42, 0x4, 0x401, 0x9, 0xb5cb, 0xfa, 0xb8f, 0x5, 0x2, 0x0, 0x81, 0x4, 0x3, 0xb2b, 0x3f, 0x0, 0xfa2a, 0x3, 0x8, 0x8, 0x0, 0x9, 0x1, 0x8fe, 0x0, 0xfffffffffffffff7, 0x1ff, 0x1000, 0x9, 0xe9, 0x10001, 0xfffffffffffffffc, 0x80, 0x8, 0x9, 0x3, 0x5], {r5, r6+10000000}})
setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000100)=ANY=[@ANYBLOB="0000000000000000ff0100000000000000fe00002c34c7b7c00000000000000000000000004a66bd0000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000cd983adc78570ec9fd0be4064b3f029dc59de415c49d1089f283efdb30c1fe074bef2a85ff64cefb0f29ebc9b15395d4f83e77b8f87ba11fe0f0cf4c78da2fe9bbae8c0b1f3a82c68803840d11f1514f4f636dab73943bfb80dfdf6c7edd"], 0x1)

[  347.029988][T16254]  do_syscall_64+0x103/0x610
[  347.034597][T16254]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  347.040497][T16254] RIP: 0033:0x4582b9
[  347.044400][T16254] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  347.044415][T16254] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  347.044429][T16254] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:38:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229b01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  347.044437][T16254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.044446][T16254] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  347.044455][T16254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  347.044464][T16254] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229c01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:33 executing program 1 (fault-call:3 fault-nth:40):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:33 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:33 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x200000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:33 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:33 executing program 5:
r0 = add_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="f64aa59304a3eb6a8121b0e71c426622ab99803809a2f91935f8a67352c255a1883e430aeccb7324e7069b4dff1b331f16ee7742e29aec84e21fdca2e076b2ac4f558d5b61bb65b4fd0f178a04c5d5c182b57b7e734273ed95c1751379c4f8ced428b098d22c9b6b13bbadb00ce823418133f316b37a6f6073575bb3beae9dabba4abc284ecd7bbfe481fb842d", 0x8d, 0xfffffffffffffffe)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x28180, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f00000001c0)=0x1ff, 0x4)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f0000000140)={r0, 0x3, 0x7}, &(0x7f0000000580)=ANY=[@ANYBLOB="656e633d706b63733120686173683d6d64342d67656e657269630000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bb4ef63a8ca7af9e1184df3801631322a53b8cc3986748bee44d2fa1b61caaf111604ac773e72de8b829a563c6f873091111046f21861563fa0edd66724d4655c1d4a54f983633134cd27c1fc98ce560edd5a710799c3bce8d72637f41ee140160230651b03e7f2ef09ebac594e18e4aa9a5bc"], &(0x7f0000000200)="e8e85a503c3294a44afc8647fd2b2b3a7de723675ff4e43505ccd87faa0ac7a017554d7903fcd468c630c1cf48ba0ab9412a307f4f504170a5d11dd6951d53ff112f0c7076744901e50d7f39a7da2f86ff17a20ddc5434ef61a0fe383f3cec80ff1a2535b8f8daa0a7ff007f425921e069c88e987b2a8688e7178ac96eda5bdc40a9dd8d6017f78e31", &(0x7f00000002c0)=""/22)
r2 = socket$inet6(0xa, 0x80001, 0x0)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000340)=<r3=>0x0)
ptrace$getregs(0xe, r3, 0x37, &(0x7f0000000380)=""/24)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000680)={0xfffffffffffffffd, 0x0, 0xffffffffffffa544, 0x80000001, 0x5d}, 0xc)
getsockname$inet6(r1, &(0x7f00000006c0)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000000700)=0x1c)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYPTR64=&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRES16=r0, @ANYBLOB="133cda1387f70deba15c8c44f3d5523213d9b2d38ff7e93767148f8ec5ba962954c70647c2b8aff5a240b909c496642f0a2ae625d977daf327c0f7d74ff475c7fb4af64694ac70a40b52d6cad70c52844672e71eab480b824cf6e5398b98c0e76a2c3b6289d20ff15884ac9a0dd8640c5f35e9b7da5de5db67ff90d234fa7b08b70cadb7", @ANYBLOB="88b03c0519decca855229c80c3d30be1c6d43dd8d26b90eb1c8216c3da8478009ff1bb5a492924c63a1a8a19ee33545842cd005500"/68, @ANYBLOB="fdd4c31bed4e1f0fe2eb01ba8dc8fe9d5d022bfbcf4c83dd6ce4c0aa618ffac15746945e73e2333d98eee2d8b5a581e0c51b248a191a8cbfe5f275a432c0c3ef22c463a03325b81afbb1d60cdeaef5daf1949835854c54c8018c31804a8835390d587ff64f", @ANYRES32=0x0, @ANYRESOCT=0x0, @ANYRES64=r0], @ANYRESDEC=r0]], 0x1)

03:38:33 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  347.402509][T16300] FAULT_INJECTION: forcing a failure.
[  347.402509][T16300] name failslab, interval 1, probability 0, space 0, times 0
[  347.420899][T16300] CPU: 1 PID: 16300 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  347.428904][T16300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  347.439053][T16300] Call Trace:
[  347.442362][T16300]  dump_stack+0x172/0x1f0
[  347.446716][T16300]  should_fail.cold+0xa/0x15
[  347.451326][T16300]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  347.457151][T16300]  ? ___might_sleep+0x163/0x280
[  347.462014][T16300]  __should_failslab+0x121/0x190
[  347.462031][T16300]  should_failslab+0x9/0x14
[  347.462047][T16300]  kmem_cache_alloc+0x2b2/0x6f0
[  347.462061][T16300]  ? anon_vma_clone+0x320/0x480
[  347.462084][T16300]  anon_vma_fork+0xfc/0x4a0
[  347.462099][T16300]  ? dup_userfaultfd+0x15e/0x6d0
[  347.462113][T16300]  ? memcpy+0x46/0x50
[  347.462134][T16300]  copy_process.part.0+0x350f/0x7980
03:38:33 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x604001)
ioctl$BLKRRPART(r1, 0x125f, 0x0)

[  347.462175][T16300]  ? __cleanup_sighand+0x60/0x60
[  347.471597][T16300]  ? lock_downgrade+0x880/0x880
[  347.471622][T16300]  ? kasan_check_write+0x14/0x20
[  347.471640][T16300]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  347.471662][T16300]  _do_fork+0x257/0xfd0
[  347.471682][T16300]  ? fork_idle+0x1d0/0x1d0
[  347.471696][T16300]  ? fput+0x1b/0x20
[  347.471712][T16300]  ? ksys_write+0x166/0x1f0
[  347.471731][T16300]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.471746][T16300]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.471759][T16300]  ? do_syscall_64+0x26/0x610
03:38:33 executing program 5:
eventfd(0x43)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000040), &(0x7f0000000080)=0x4)
fsetxattr$security_smack_transmute(r1, &(0x7f00000000c0)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x1)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  347.471773][T16300]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  347.471793][T16300]  ? do_syscall_64+0x26/0x610
[  347.528956][T16300]  __x64_sys_clone+0xbf/0x150
[  347.542708][T16300]  do_syscall_64+0x103/0x610
[  347.572806][T16300]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  347.578712][T16300] RIP: 0033:0x4582b9
[  347.582616][T16300] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229d01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  347.602229][T16300] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  347.610733][T16300] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  347.610742][T16300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.610750][T16300] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  347.610759][T16300] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  347.610767][T16300] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229e01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:33 executing program 1 (fault-call:3 fault-nth:41):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:33 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0xe000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:33 executing program 3 (fault-call:2 fault-nth:0):
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:33 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000300)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000e5afdb2a01627fc5000000000000000000000000000000000000000000000000000000000000000000ba001ece7214fec4bdcd5ee87a57891000000000000000000000000000000000000000000000000000000000000001000000000000e0"], 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x80000, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38010000", @ANYRES16=r2, @ANYBLOB="00022dbd7000fddbdf25020000007800030008000300010000001400020069703665727370616e30000000000000080001000100000008e10e5d5a278f967e51cdf024dc0b710004000800000008000100000000000800010001000000140002007465616d5f736c6176655f300000000008000500e0000001080004000100000014000600fe80000000000000000000000000001a080006000700000024000300080007004e2100000800040009000000080004000800000008000500000000002c0003001400020065727370616e3000000000000000413d4ae1020076657468305f746f5f687372000000004800020008000b000200000008000600eb02000008000b000200000008000b000200000014000100ac14140b00000000000000000000000008000b000a00000008000300030000000c0002000800060008000000"], 0x138}, 0x1, 0x0, 0x0, 0xea363778c8f922c6}, 0x44004)
r3 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x80000000000000, 0x1ffc)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000000180)={<r4=>0x0, 0x36, "1c4cfaddc8239623e538fa36a8aa677c76a4d2d35ae2c1eadbf74fbdb85b24cea802e8270e50432476c482554e495a1c9028c6ebe0bf"}, &(0x7f00000001c0)=0x3e)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000200)={r4, 0xd928c27}, 0x8)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000040)={{{@in=@multicast2, @in=@broadcast}}, {{}, 0x0, @in6=@loopback}}, &(0x7f0000000140)=0xe8)

[  347.822125][T16333] FAULT_INJECTION: forcing a failure.
[  347.822125][T16333] name failslab, interval 1, probability 0, space 0, times 0
[  347.838087][T16333] CPU: 0 PID: 16333 Comm: syz-executor.3 Not tainted 5.1.0-rc3+ #55
[  347.846115][T16333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  347.853337][T16331] FAULT_INJECTION: forcing a failure.
[  347.853337][T16331] name fail_page_alloc, interval 1, probability 0, space 0, times 0
03:38:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="229f01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  347.856191][T16333] Call Trace:
[  347.856218][T16333]  dump_stack+0x172/0x1f0
[  347.856247][T16333]  should_fail.cold+0xa/0x15
[  347.872761][T16333]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  347.872782][T16333]  ? ___might_sleep+0x163/0x280
[  347.872801][T16333]  __should_failslab+0x121/0x190
[  347.872820][T16333]  should_failslab+0x9/0x14
[  347.897317][T16333]  kmem_cache_alloc+0x2b2/0x6f0
[  347.897337][T16333]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  347.897360][T16333]  ? _copy_from_user+0xdd/0x150
[  347.912954][T16333]  io_submit_one+0x10e/0x2f90
[  347.912980][T16333]  ? __might_fault+0x12b/0x1e0
[  347.912996][T16333]  ? find_held_lock+0x35/0x130
[  347.913017][T16333]  ? ioctx_alloc+0x1db0/0x1db0
[  347.936775][T16333]  ? __might_fault+0x12b/0x1e0
[  347.941571][T16333]  __x64_sys_io_submit+0x1bd/0x580
[  347.946699][T16333]  ? __x64_sys_io_submit+0x1bd/0x580
[  347.951993][T16333]  ? __ia32_sys_io_destroy+0x420/0x420
[  347.957458][T16333]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.963011][T16333]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  347.968478][T16333]  ? do_syscall_64+0x26/0x610
[  347.973155][T16333]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  347.979228][T16333]  ? do_syscall_64+0x26/0x610
[  347.983928][T16333]  ? lockdep_hardirqs_on+0x418/0x5d0
[  347.989226][T16333]  do_syscall_64+0x103/0x610
[  347.993824][T16333]  ? __ia32_sys_io_destroy+0x420/0x420
[  347.999285][T16333]  ? do_syscall_64+0x103/0x610
[  348.004061][T16333]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  348.009962][T16333] RIP: 0033:0x4582b9
[  348.013860][T16333] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  348.033570][T16333] RSP: 002b:00007f039f717c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  348.041989][T16333] RAX: ffffffffffffffda RBX: 00007f039f717c90 RCX: 00000000004582b9
[  348.049969][T16333] RDX: 0000000020001700 RSI: 0000000000000001 RDI: 00007f039f6f7000
[  348.057947][T16333] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  348.065929][T16333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f039f7186d4
[  348.073914][T16333] R13: 00000000004bf420 R14: 00000000004d11a8 R15: 0000000000000005
[  348.081913][T16331] CPU: 1 PID: 16331 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  348.089905][T16331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  348.099970][T16331] Call Trace:
[  348.103277][T16331]  dump_stack+0x172/0x1f0
[  348.107627][T16331]  should_fail.cold+0xa/0x15
[  348.112262][T16331]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  348.118083][T16331]  ? ___might_sleep+0x163/0x280
[  348.122957][T16331]  should_fail_alloc_page+0x50/0x60
[  348.128337][T16331]  __alloc_pages_nodemask+0x1a1/0x7e0
[  348.133723][T16331]  ? kvm_mmu_notifier_invalidate_range_start+0x1ae/0x280
[  348.140760][T16331]  ? __mmu_notifier_invalidate_range_start+0x177/0x210
[  348.147623][T16331]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  348.147640][T16331]  ? __mmu_notifier_invalidate_range_start+0x177/0x210
[  348.147662][T16331]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  348.147678][T16331]  alloc_pages_current+0x107/0x210
03:38:34 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  348.147697][T16331]  pte_alloc_one+0x1b/0x1a0
[  348.147715][T16331]  __pte_alloc+0x20/0x310
[  348.147732][T16331]  copy_page_range+0x1529/0x1f90
[  348.147771][T16331]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  348.191188][T16331]  ? pmd_alloc+0x180/0x180
[  348.195617][T16331]  ? validate_mm_rb+0xa3/0xc0
[  348.200310][T16331]  ? __vma_link_rb+0x279/0x370
[  348.205089][T16331]  copy_process.part.0+0x568b/0x7980
[  348.210425][T16331]  ? __cleanup_sighand+0x60/0x60
[  348.215375][T16331]  ? lock_downgrade+0x880/0x880
[  348.220259][T16331]  ? kasan_check_write+0x14/0x20
[  348.225207][T16331]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  348.230745][T16331]  _do_fork+0x257/0xfd0
[  348.234888][T16331]  ? fork_idle+0x1d0/0x1d0
[  348.239294][T16331]  ? fput+0x1b/0x20
[  348.243095][T16331]  ? ksys_write+0x166/0x1f0
[  348.247673][T16331]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  348.253119][T16331]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  348.258559][T16331]  ? do_syscall_64+0x26/0x610
[  348.263229][T16331]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  348.269283][T16331]  ? do_syscall_64+0x26/0x610
[  348.274083][T16331]  __x64_sys_clone+0xbf/0x150
[  348.278756][T16331]  do_syscall_64+0x103/0x610
[  348.283353][T16331]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  348.289241][T16331] RIP: 0033:0x4582b9
[  348.293122][T16331] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  348.312720][T16331] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:38:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:34 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000000)={<r1=>0x0, 0x9, 0x0, 0x9f2e, 0x1}, &(0x7f0000000040)=0x18)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@sack_info={<r2=>r1, 0xfffffffffffffffd, 0x81}, &(0x7f00000000c0)=0xc)
setsockopt$inet6_buf(r0, 0x29, 0x7f, &(0x7f0000000200)="0e6d2bfb1ef5d3d67ce30fca756a0d134954622998b87e182f2b5e2461984ee3f67c51f0c8734e24faf5a2ab74035412a9947e8a46c5c16fc437588d4bac25d64fb9a13447642155eefe66f4967a692e585af47da498", 0x56)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff11f9ffffffffffffff000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000b272d1432d833a8580000000623fc8d235c5660f00000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x6, 0x1, 0x80000000, 0x3, r2}, 0x10)
rename(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./file0\x00')

[  348.321133][T16331] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  348.329103][T16331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.337059][T16331] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  348.345036][T16331] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  348.352990][T16331] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:34 executing program 1 (fault-call:3 fault-nth:42):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:34 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:34 executing program 3 (fault-call:2 fault-nth:1):
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:34 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3f000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:34 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)

[  348.523729][T16360] FAULT_INJECTION: forcing a failure.
[  348.523729][T16360] name failslab, interval 1, probability 0, space 0, times 0
[  348.556085][T16360] CPU: 1 PID: 16360 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  348.564185][T16360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  348.574245][T16360] Call Trace:
[  348.577557][T16360]  dump_stack+0x172/0x1f0
[  348.581911][T16360]  should_fail.cold+0xa/0x15
[  348.586522][T16360]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  348.592339][T16360]  ? ___might_sleep+0x163/0x280
[  348.597210][T16360]  __should_failslab+0x121/0x190
[  348.602158][T16360]  should_failslab+0x9/0x14
[  348.606671][T16360]  kmem_cache_alloc+0x2b2/0x6f0
[  348.611536][T16360]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  348.617807][T16360]  ptlock_alloc+0x20/0x70
03:38:34 executing program 5:
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  348.622159][T16360]  pte_alloc_one+0x6d/0x1a0
[  348.626758][T16360]  __pte_alloc+0x20/0x310
[  348.631115][T16360]  copy_page_range+0x1529/0x1f90
[  348.636090][T16360]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  348.642004][T16360]  ? pmd_alloc+0x180/0x180
[  348.646437][T16360]  ? validate_mm_rb+0xa3/0xc0
[  348.651124][T16360]  ? __vma_link_rb+0x279/0x370
[  348.655904][T16360]  copy_process.part.0+0x568b/0x7980
[  348.661232][T16360]  ? __cleanup_sighand+0x60/0x60
[  348.666202][T16360]  ? lock_downgrade+0x880/0x880
[  348.671129][T16360]  ? kasan_check_write+0x14/0x20
[  348.676090][T16360]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  348.676114][T16360]  _do_fork+0x257/0xfd0
[  348.676136][T16360]  ? fork_idle+0x1d0/0x1d0
[  348.676151][T16360]  ? fput+0x1b/0x20
[  348.676173][T16360]  ? ksys_write+0x166/0x1f0
[  348.703530][T16360]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  348.703546][T16360]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  348.703562][T16360]  ? do_syscall_64+0x26/0x610
[  348.703577][T16360]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  348.703592][T16360]  ? do_syscall_64+0x26/0x610
[  348.703613][T16360]  __x64_sys_clone+0xbf/0x150
[  348.703632][T16360]  do_syscall_64+0x103/0x610
[  348.703651][T16360]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  348.703662][T16360] RIP: 0033:0x4582b9
[  348.703683][T16360] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:34 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000c2820c0b84a701a7603315b5000000000000001b010000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000004bf7236032114f98d6b6af1d51c0000000000000000000000000000000000009d710000000000000000000000000000000000000000000000000000000000000020010000000000000082bba7a33fdc59f4b2185e7a4da2ab4abe5bc56ad62ec05812fb1f7b6504aacd29364a5f2f6e2130719af8a1e9f00dd36835d33dd9c9673e9764d64228a405f3422f0422c89c158049729c1368a6040eb21c27cf0eb72ea05789fd16153df2fda447cef190128514ef95fc41d613878811b21f599a00ab32d76e1035031dd20900000055f8c1365a06a61ce08a21ce29c45fb656a484dc49262264e9a29106c5955643f415e759dc7fc3d446ef0d58bda698b2159fcbd9aa96ef287f95632390c1fede477ba0bbf0a1"], 0x1)

03:38:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  348.768805][T16360] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  348.777223][T16360] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  348.785201][T16360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.793176][T16360] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  348.801153][T16360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  348.809133][T16360] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:35 executing program 1 (fault-call:3 fault-nth:43):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:35 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$RTC_EPOCH_SET(r1, 0x4008700e, 0x5)

03:38:35 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:35 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:35 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x100000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  348.950041][T16392] FAULT_INJECTION: forcing a failure.
[  348.950041][T16392] name failslab, interval 1, probability 0, space 0, times 0
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:35 executing program 5:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000002780))
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1ff, 0x200)
fremovexattr(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="737973742000000000000000646d6d69646923008ccac023e502cc9b629bb44e69e048fd383498f440d8e1cb8e427ef4375307000000"])
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0x5, @mcast1, 0x100000001}, 0x1c)
io_setup(0x1, &(0x7f0000000200)=<r2=>0x0)
io_cancel(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, r1, &(0x7f0000000240)="c78fe707ddb479f8a922eb5362263b6104af4014e476e1a47bdaf733a53b7de1e18aa60deb5f885e529e52b95cacdf9623c2462f02758108", 0x38, 0x9, 0x0, 0x2, r1}, &(0x7f00000002c0))
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b01000000000000000004000000000000000000000000000000ebff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d700000000000000000000000000000000070000000000000000010000000000000074011907b30ab3054031cb258b29be0ebfa4f65da7711f65bd806123b44e82a3c479258a34ccd70fcc0db6245343548c43281908fedd64539f86757316294fb6312292703064d5b25e9873ba6cc3593699f0c96662c9c78e8817e436a43d2619d68b923a167b3595f1f0724a495cb79f4fb664e1ce09fa2f8a1f9f59708920261bdcdd6995d3473b395b323b0cf97799e313"], 0x1)

[  349.047888][T16392] CPU: 1 PID: 16392 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  349.055914][T16392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  349.065999][T16392] Call Trace:
[  349.069304][T16392]  dump_stack+0x172/0x1f0
[  349.073656][T16392]  should_fail.cold+0xa/0x15
[  349.078271][T16392]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  349.084099][T16392]  ? ___might_sleep+0x163/0x280
[  349.088967][T16392]  __should_failslab+0x121/0x190
[  349.093914][T16392]  should_failslab+0x9/0x14
[  349.098432][T16392]  kmem_cache_alloc+0x2b2/0x6f0
[  349.103289][T16392]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  349.103312][T16392]  ptlock_alloc+0x20/0x70
[  349.103328][T16392]  pte_alloc_one+0x6d/0x1a0
[  349.103344][T16392]  __pte_alloc+0x20/0x310
[  349.103363][T16392]  copy_page_range+0x1529/0x1f90
[  349.103401][T16392]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  349.113967][T16392]  ? pmd_alloc+0x180/0x180
[  349.113985][T16392]  ? validate_mm_rb+0xa3/0xc0
[  349.114003][T16392]  ? __vma_link_rb+0x279/0x370
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  349.114026][T16392]  copy_process.part.0+0x568b/0x7980
[  349.114068][T16392]  ? __cleanup_sighand+0x60/0x60
[  349.157639][T16392]  ? lock_downgrade+0x880/0x880
[  349.162511][T16392]  ? kasan_check_write+0x14/0x20
[  349.167462][T16392]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  349.173020][T16392]  _do_fork+0x257/0xfd0
[  349.177197][T16392]  ? fork_idle+0x1d0/0x1d0
[  349.181626][T16392]  ? fput+0x1b/0x20
[  349.185455][T16392]  ? ksys_write+0x166/0x1f0
[  349.189973][T16392]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  349.189990][T16392]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  349.190006][T16392]  ? do_syscall_64+0x26/0x610
[  349.190022][T16392]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  349.190036][T16392]  ? do_syscall_64+0x26/0x610
[  349.190055][T16392]  __x64_sys_clone+0xbf/0x150
[  349.190076][T16392]  do_syscall_64+0x103/0x610
[  349.200991][T16392]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  349.231512][T16392] RIP: 0033:0x4582b9
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  349.235449][T16392] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  349.255070][T16392] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  349.263644][T16392] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  349.271626][T16392] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.279777][T16392] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  349.287756][T16392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  349.295732][T16392] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:35 executing program 1 (fault-call:3 fault-nth:44):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:35 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
syz_open_dev$loop(0x0, 0x0, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x402440, 0x0)
getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
r2 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000000)=0x5)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000480)='/dev/snd/pcmC#D#p\x00', 0x0, 0x405)
dup2(r3, 0xffffffffffffffff)
write$P9_RGETATTR(r3, &(0x7f00000006c0)={0xa0, 0x19, 0x1, {0x200, {0x83, 0x3, 0x1}, 0x40, 0x0, 0x0, 0x0, 0x5, 0xfffffffffffffff7, 0x1, 0x3, 0x0, 0x9, 0x7fff, 0x6, 0x2b0, 0x7, 0x2, 0x668, 0x822, 0x8}}, 0xa0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:35 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  349.437594][T16433] FAULT_INJECTION: forcing a failure.
[  349.437594][T16433] name failslab, interval 1, probability 0, space 0, times 0
[  349.465958][T16433] CPU: 1 PID: 16433 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  349.473963][T16433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  349.484115][T16433] Call Trace:
[  349.487434][T16433]  dump_stack+0x172/0x1f0
[  349.491790][T16433]  should_fail.cold+0xa/0x15
[  349.496415][T16433]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  349.502235][T16433]  ? find_held_lock+0x35/0x130
[  349.507015][T16433]  ? percpu_ref_put_many+0x94/0x190
[  349.512230][T16433]  __should_failslab+0x121/0x190
[  349.517183][T16433]  should_failslab+0x9/0x14
[  349.521695][T16433]  kmem_cache_alloc+0x47/0x6f0
[  349.526475][T16433]  anon_vma_clone+0xde/0x480
[  349.531084][T16433]  anon_vma_fork+0x8f/0x4a0
[  349.535601][T16433]  ? dup_userfaultfd+0x15e/0x6d0
[  349.540547][T16433]  ? memcpy+0x46/0x50
[  349.544547][T16433]  copy_process.part.0+0x350f/0x7980
[  349.549878][T16433]  ? __cleanup_sighand+0x60/0x60
[  349.554834][T16433]  ? lock_downgrade+0x880/0x880
[  349.559705][T16433]  ? kasan_check_write+0x14/0x20
[  349.564657][T16433]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  349.570226][T16433]  _do_fork+0x257/0xfd0
[  349.570250][T16433]  ? fork_idle+0x1d0/0x1d0
[  349.570266][T16433]  ? fput+0x1b/0x20
[  349.570282][T16433]  ? ksys_write+0x166/0x1f0
[  349.570306][T16433]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  349.578876][T16433]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  349.578893][T16433]  ? do_syscall_64+0x26/0x610
[  349.578909][T16433]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  349.578923][T16433]  ? do_syscall_64+0x26/0x610
[  349.578944][T16433]  __x64_sys_clone+0xbf/0x150
[  349.578965][T16433]  do_syscall_64+0x103/0x610
[  349.622863][T16433]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  349.628741][T16433] RIP: 0033:0x4582b9
[  349.633382][T16433] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  349.652977][T16433] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  349.661435][T16433] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  349.669430][T16433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.677386][T16433] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  349.685343][T16433] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  349.693305][T16433] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:35 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:35 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000140)=ANY=[@ANYRES16=r0], 0x1)

03:38:38 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x200000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22a901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:38 executing program 1 (fault-call:3 fault-nth:45):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:38 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030c9000000000000000000000000000000000000000000000001000000000021a98fe0978b806f55848d23cdba1344051b670ccaa703fe0e8ff32867df1849733d723030e17b0460b68fe328f757d1ac51477dd6635669ff3376d4ba003ba631bade3754eca66700498dcbe1989f91130b2f7d0bc90b62578844edc9a0d76538dd38db60244305af3b616156a14ba66355ebc901"], 0x1)

03:38:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x4, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  352.088166][T16459] FAULT_INJECTION: forcing a failure.
[  352.088166][T16459] name failslab, interval 1, probability 0, space 0, times 0
[  352.101294][T16459] CPU: 0 PID: 16459 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  352.109405][T16459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  352.119469][T16459] Call Trace:
[  352.122785][T16459]  dump_stack+0x172/0x1f0
[  352.127138][T16459]  should_fail.cold+0xa/0x15
[  352.131749][T16459]  ? fault_create_debugfs_attr+0x1e0/0x1e0
03:38:38 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x161800)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000100)=@nat={'nat\x00', 0x1b, 0x5, 0x5e0, 0x1f0, 0x1f0, 0x310, 0x1f0, 0x1f0, 0x548, 0x548, 0x548, 0x548, 0x548, 0x5, &(0x7f0000000080), {[{{@uncond, 0x0, 0x1b8, 0x1f0, 0x0, {}, [@common=@unspec=@comment={0x120, 'comment\x00'}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x8, @broadcast, @multicast1, @port=0x4e22, @icmp_id=0x65}}}}, {{@ip={@dev={0xac, 0x14, 0x14, 0x1a}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xff000000, 0x0, '\x00', 'veth1_to_team\x00', {0xff}, {}, 0x4, 0x0, 0xaf71f48ceacd9b3a}, 0x0, 0xe8, 0x120, 0x0, {}, [@common=@osf={0x50, 'osf\x00', 0x0, {'syz1\x00', 0x1f, 0x0, 0x1, 0x2}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x12, @remote, @empty, @gre_key=0x5, @port=0x4e23}}}}, {{@ip={@local, @local, 0x0, 0x0, 'bond_slave_0\x00', 'yam0\x00', {}, {0xff}, 0x29, 0x1, 0x12}, 0x0, 0x110, 0x148, 0x0, {}, [@common=@osf={0x50, 'osf\x00', 0x0, {'syz1\x00', 0x1f, 0x1, 0x2, 0x2}}, @common=@ttl={0x28, 'ttl\x00', 0x0, {0x2, 0x7ff}}]}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x6, @multicast1, @loopback, @port=0x4e24, @port=0x4e22}}}}, {{@ip={@remote, @rand_addr=0x3f, 0xff, 0xffffffff, 'veth0_to_bond\x00', 'ip6tnl0\x00', {0xff}, {0x8db249ec27b949fa}, 0x19, 0x0, 0x40}, 0x0, 0xb8, 0xf0, 0x0, {}, [@common=@socket0={0x20, 'socket\x00'}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1a, @local, @multicast1, @icmp_id=0x66, @icmp_id=0x68}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x640)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000100000000000000"], 0x1)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'rose0\x00', {0x2, 0x4e24, @broadcast}})

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22aa01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ab01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  352.137568][T16459]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  352.143829][T16459]  __should_failslab+0x121/0x190
[  352.149121][T16459]  should_failslab+0x9/0x14
[  352.153644][T16459]  kmem_cache_alloc+0x47/0x6f0
[  352.158421][T16459]  ? anon_vma_chain_link+0x154/0x1c0
[  352.163725][T16459]  anon_vma_clone+0xde/0x480
[  352.168329][T16459]  anon_vma_fork+0x8f/0x4a0
[  352.172843][T16459]  ? dup_userfaultfd+0x15e/0x6d0
[  352.177787][T16459]  ? memcpy+0x46/0x50
[  352.181802][T16459]  copy_process.part.0+0x350f/0x7980
[  352.187212][T16459]  ? __cleanup_sighand+0x60/0x60
[  352.192153][T16459]  ? lock_downgrade+0x880/0x880
[  352.192178][T16459]  ? kasan_check_write+0x14/0x20
[  352.192195][T16459]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  352.192216][T16459]  _do_fork+0x257/0xfd0
[  352.192236][T16459]  ? fork_idle+0x1d0/0x1d0
[  352.202010][T16459]  ? fput+0x1b/0x20
[  352.202028][T16459]  ? ksys_write+0x166/0x1f0
[  352.202048][T16459]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.202063][T16459]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.202078][T16459]  ? do_syscall_64+0x26/0x610
[  352.202092][T16459]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.202105][T16459]  ? do_syscall_64+0x26/0x610
[  352.202126][T16459]  __x64_sys_clone+0xbf/0x150
[  352.202145][T16459]  do_syscall_64+0x103/0x610
[  352.202166][T16459]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.216272][T16459] RIP: 0033:0x4582b9
03:38:38 executing program 1 (fault-call:3 fault-nth:46):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  352.216287][T16459] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  352.216296][T16459] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  352.216310][T16459] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  352.216325][T16459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  352.230080][T16459] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  352.230089][T16459] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  352.230098][T16459] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ac01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ad01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  352.434200][T16486] FAULT_INJECTION: forcing a failure.
[  352.434200][T16486] name failslab, interval 1, probability 0, space 0, times 0
[  352.451991][T16486] CPU: 1 PID: 16486 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  352.459994][T16486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  352.470061][T16486] Call Trace:
[  352.473367][T16486]  dump_stack+0x172/0x1f0
[  352.477718][T16486]  should_fail.cold+0xa/0x15
03:38:38 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x300, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  352.482329][T16486]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  352.482346][T16486]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  352.482371][T16486]  __should_failslab+0x121/0x190
[  352.499520][T16486]  should_failslab+0x9/0x14
[  352.499537][T16486]  kmem_cache_alloc+0x47/0x6f0
[  352.499559][T16486]  ? anon_vma_chain_link+0x154/0x1c0
[  352.514115][T16486]  anon_vma_clone+0xde/0x480
[  352.518723][T16486]  anon_vma_fork+0x8f/0x4a0
[  352.523239][T16486]  ? dup_userfaultfd+0x15e/0x6d0
[  352.528193][T16486]  ? memcpy+0x46/0x50
03:38:38 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ae01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  352.532217][T16486]  copy_process.part.0+0x350f/0x7980
[  352.537535][T16486]  ? __cleanup_sighand+0x60/0x60
[  352.542487][T16486]  ? lock_downgrade+0x880/0x880
[  352.547358][T16486]  ? kasan_check_write+0x14/0x20
[  352.547375][T16486]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  352.547397][T16486]  _do_fork+0x257/0xfd0
[  352.562030][T16486]  ? fork_idle+0x1d0/0x1d0
[  352.566461][T16486]  ? fput+0x1b/0x20
[  352.570283][T16486]  ? ksys_write+0x166/0x1f0
[  352.574806][T16486]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.574823][T16486]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.574849][T16486]  ? do_syscall_64+0x26/0x610
[  352.574872][T16486]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.596626][T16486]  ? do_syscall_64+0x26/0x610
[  352.601327][T16486]  __x64_sys_clone+0xbf/0x150
[  352.606044][T16486]  do_syscall_64+0x103/0x610
[  352.610651][T16486]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.616553][T16486] RIP: 0033:0x4582b9
03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22af01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  352.620456][T16486] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  352.647370][T16486] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  352.655804][T16486] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  352.663787][T16486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  352.671771][T16486] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  352.679752][T16486] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  352.687772][T16486] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:38 executing program 5:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x16)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x80001, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x220402, 0x0)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r2, 0x5386, &(0x7f0000000040))
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:38 executing program 1 (fault-call:3 fault-nth:47):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:38 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x400000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x20000181, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:39 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8042, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000040))
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  352.909775][T16523] FAULT_INJECTION: forcing a failure.
[  352.909775][T16523] name failslab, interval 1, probability 0, space 0, times 0
[  352.965179][T16523] CPU: 1 PID: 16523 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  352.973286][T16523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  352.983353][T16523] Call Trace:
[  352.986669][T16523]  dump_stack+0x172/0x1f0
[  352.991025][T16523]  should_fail.cold+0xa/0x15
[  352.995631][T16523]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  353.001452][T16523]  ? ___might_sleep+0x163/0x280
[  353.006316][T16523]  __should_failslab+0x121/0x190
[  353.011279][T16523]  should_failslab+0x9/0x14
[  353.011297][T16523]  kmem_cache_alloc+0x2b2/0x6f0
[  353.011312][T16523]  ? anon_vma_clone+0x320/0x480
[  353.011337][T16523]  anon_vma_fork+0xfc/0x4a0
[  353.011352][T16523]  ? dup_userfaultfd+0x15e/0x6d0
[  353.011366][T16523]  ? memcpy+0x46/0x50
[  353.011388][T16523]  copy_process.part.0+0x350f/0x7980
[  353.011437][T16523]  ? __cleanup_sighand+0x60/0x60
[  353.020750][T16523]  ? lock_downgrade+0x880/0x880
[  353.020777][T16523]  ? kasan_check_write+0x14/0x20
[  353.020795][T16523]  ? __mutex_unlock_slowpath+0xf8/0x6b0
03:38:39 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = socket(0xf, 0x4, 0x9)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x202, 0x70bd26, 0x25dfdbfb, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x7}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x44001}, 0x40000)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000200)={r3, @loopback, @multicast2}, 0xc)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vsock\x00', 0x40000, 0x0)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f0000000280)={{0x5, 0x80000001}, 0x40}, 0x10)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000540)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff0100000000005224000000000000001b01000000000000000004000001000000000000000000000000000000000000000000000000000000f2cc2b750486cf570c000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000ca29c895ed8b71f911de092cb3d36ff941f2f51487df604b63146d10ba65382e230e8ef782b7de850ec7948ffbfc0565fc057664761858b7c8125eaf5184d040ec199fd8cf47fc16341ce8795bda7039a8d17bd582d3a23157209609911a1439524584866383f314882c986f17aff81841f189d41eda872688cf0360a2b3f87af089e120c71a4117952f2427176f42b234576c7ae2bccc1fa41fb42acf7970dfff1cc86988f1bf9a6ca1cff16bcdaeb686d41dd5c91b79d691025d31e3fd57b45b2a3aca1d77fa01a6faa0910f4990239690305720d76810740d1c9098652261693b3d193eccb9b54cc3e4c4cc7af5485b03dcd0b13b05673da0f6ff"], 0x1)
r5 = syz_open_dev$vbi(&(0x7f0000000400)='/dev/vbi#\x00', 0x1, 0x2)
ioctl$GIO_FONTX(r5, 0x4b6b, &(0x7f0000000440)=""/193)
sendmsg$TIPC_CMD_GET_NETID(r1, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r2, 0x301, 0x70bd26, 0x25dfdbfd, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x48040)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x20000, 0x0)

[  353.020817][T16523]  _do_fork+0x257/0xfd0
[  353.020839][T16523]  ? fork_idle+0x1d0/0x1d0
[  353.073176][T16523]  ? fput+0x1b/0x20
[  353.077004][T16523]  ? ksys_write+0x166/0x1f0
[  353.081555][T16523]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  353.087026][T16523]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  353.092486][T16523]  ? do_syscall_64+0x26/0x610
[  353.092502][T16523]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  353.092529][T16523]  ? do_syscall_64+0x26/0x610
[  353.092551][T16523]  __x64_sys_clone+0xbf/0x150
[  353.092571][T16523]  do_syscall_64+0x103/0x610
[  353.117228][T16523]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  353.123132][T16523] RIP: 0033:0x4582b9
[  353.127043][T16523] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  353.146651][T16523] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  353.146668][T16523] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  353.146677][T16523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  353.146686][T16523] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  353.146695][T16523] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  353.146704][T16523] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:41 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:41 executing program 5:
r0 = socket$inet6(0xa, 0x5, 0x3ff)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000000))
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x40000, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0x4)
write$P9_RSTATFS(r1, &(0x7f0000000080)={0x43, 0x9, 0x1, {0x4, 0x2, 0x9, 0x1, 0x2, 0x31, 0x7fffffff, 0x7, 0x3}}, 0x43)

03:38:41 executing program 1 (fault-call:3 fault-nth:48):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:41 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x2, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:41 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x500000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  355.622460][T16557] FAULT_INJECTION: forcing a failure.
[  355.622460][T16557] name failslab, interval 1, probability 0, space 0, times 0
[  355.674444][T16557] CPU: 0 PID: 16557 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  355.682496][T16557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  355.692567][T16557] Call Trace:
[  355.695891][T16557]  dump_stack+0x172/0x1f0
[  355.700254][T16557]  should_fail.cold+0xa/0x15
[  355.704879][T16557]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  355.710717][T16557]  ? ___might_sleep+0x163/0x280
[  355.715578][T16557]  __should_failslab+0x121/0x190
03:38:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  355.720530][T16557]  should_failslab+0x9/0x14
[  355.720547][T16557]  kmem_cache_alloc+0x2b2/0x6f0
[  355.720562][T16557]  ? anon_vma_clone+0x320/0x480
[  355.720585][T16557]  anon_vma_fork+0x1ea/0x4a0
[  355.729962][T16557]  ? dup_userfaultfd+0x15e/0x6d0
[  355.729988][T16557]  copy_process.part.0+0x350f/0x7980
[  355.730030][T16557]  ? __cleanup_sighand+0x60/0x60
[  355.755297][T16557]  ? lock_downgrade+0x880/0x880
[  355.760174][T16557]  ? kasan_check_write+0x14/0x20
[  355.765226][T16557]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  355.770789][T16557]  _do_fork+0x257/0xfd0
03:38:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  355.774968][T16557]  ? fork_idle+0x1d0/0x1d0
[  355.779388][T16557]  ? fput+0x1b/0x20
[  355.783224][T16557]  ? ksys_write+0x166/0x1f0
[  355.787754][T16557]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  355.793255][T16557]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  355.793271][T16557]  ? do_syscall_64+0x26/0x610
[  355.793287][T16557]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  355.793301][T16557]  ? do_syscall_64+0x26/0x610
[  355.793321][T16557]  __x64_sys_clone+0xbf/0x150
[  355.793352][T16557]  do_syscall_64+0x103/0x610
03:38:41 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = socket(0x10, 0x2, 0xfffffffffffffffd)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000000)={0x33, @multicast2, 0x4e24, 0x1, 'lc\x00', 0x0, 0x0, 0x50}, 0x2c)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  355.793370][T16557]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  355.793389][T16557] RIP: 0033:0x4582b9
[  355.803586][T16557] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  355.803595][T16557] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.803610][T16557] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:38:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:42 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='highspeed\x00', 0xa)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  355.803619][T16557] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  355.803628][T16557] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  355.803636][T16557] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  355.803644][T16557] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:44 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000), &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:44 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x3, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:44 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000000)={'yam0\x00', 0x9})
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:44 executing program 1 (fault-call:3 fault-nth:49):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:44 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x700000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22b901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:44 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x2, {{0xa, 0x0, 0x0, @mcast1, 0x4000000}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  358.695674][T16606] FAULT_INJECTION: forcing a failure.
[  358.695674][T16606] name failslab, interval 1, probability 0, space 0, times 0
[  358.709172][T16606] CPU: 0 PID: 16606 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  358.717183][T16606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  358.727240][T16606] Call Trace:
[  358.730558][T16606]  dump_stack+0x172/0x1f0
[  358.734935][T16606]  should_fail.cold+0xa/0x15
[  358.739545][T16606]  ? fault_create_debugfs_attr+0x1e0/0x1e0
03:38:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ba01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  358.745408][T16606]  ? ___might_sleep+0x163/0x280
[  358.750276][T16606]  __should_failslab+0x121/0x190
[  358.755226][T16606]  should_failslab+0x9/0x14
[  358.759742][T16606]  kmem_cache_alloc+0x2b2/0x6f0
[  358.764606][T16606]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  358.770336][T16606]  ? __vm_enough_memory+0x320/0x5a0
[  358.775558][T16606]  vm_area_dup+0x21/0x170
[  358.780114][T16606]  copy_process.part.0+0x3431/0x7980
[  358.785450][T16606]  ? __cleanup_sighand+0x60/0x60
[  358.790401][T16606]  ? lock_downgrade+0x880/0x880
03:38:44 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5387, &(0x7f0000000040))
r2 = getpid()
ptrace$pokeuser(0x6, r2, 0x1000, 0x4)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  358.795269][T16606]  ? kasan_check_write+0x14/0x20
[  358.800221][T16606]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  358.805788][T16606]  _do_fork+0x257/0xfd0
[  358.809969][T16606]  ? fork_idle+0x1d0/0x1d0
[  358.814401][T16606]  ? fput+0x1b/0x20
[  358.818264][T16606]  ? ksys_write+0x166/0x1f0
[  358.822787][T16606]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  358.828260][T16606]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  358.833765][T16606]  ? do_syscall_64+0x26/0x610
[  358.838454][T16606]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:38:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22bb01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  358.844543][T16606]  ? do_syscall_64+0x26/0x610
[  358.849238][T16606]  __x64_sys_clone+0xbf/0x150
[  358.853933][T16606]  do_syscall_64+0x103/0x610
[  358.858548][T16606]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  358.864457][T16606] RIP: 0033:0x4582b9
[  358.868356][T16606] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  358.887973][T16606] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:38:45 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x2, 0x0)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000080)=0x1)
ioctl$VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000040)={0x1f, 0x5c317376, 0x1, @discrete={0x1, 0x9}})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  358.887999][T16606] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  358.888007][T16606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.888016][T16606] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  358.888024][T16606] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  358.888041][T16606] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:47 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:47 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = dup3(r0, r0, 0x80000)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000080)={0x4, 0x75, &(0x7f0000000000)="0579ebb6ec32fadbed414e4fdedace01b97f8850e8dfe0d5b666e8f4495ecf66b6312c01b53aa1734eb86dd0bb63e2e42da5b7d32accb3b7161fe3819be7bf355e96826cfdda9f55e99fda60dd52e6d7de87f0f8dd90198421564dbbc04a01d863d28b5a7bffdc1bd4a8eab165e2189b3d85d7484d"})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22bc01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:47 executing program 1 (fault-call:3 fault-nth:50):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:47 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:47 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x800000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  361.744937][T16643] FAULT_INJECTION: forcing a failure.
[  361.744937][T16643] name failslab, interval 1, probability 0, space 0, times 0
[  361.778986][T16643] CPU: 0 PID: 16643 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  361.787000][T16643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  361.797144][T16643] Call Trace:
[  361.800437][T16643]  dump_stack+0x172/0x1f0
[  361.804761][T16643]  should_fail.cold+0xa/0x15
[  361.809379][T16643]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  361.815209][T16643]  ? ___might_sleep+0x163/0x280
[  361.820104][T16643]  __should_failslab+0x121/0x190
[  361.825046][T16643]  should_failslab+0x9/0x14
[  361.829553][T16643]  kmem_cache_alloc+0x2b2/0x6f0
[  361.834402][T16643]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  361.840145][T16643]  ? __vm_enough_memory+0x320/0x5a0
[  361.845354][T16643]  vm_area_dup+0x21/0x170
[  361.849673][T16643]  copy_process.part.0+0x3431/0x7980
[  361.854991][T16643]  ? __cleanup_sighand+0x60/0x60
[  361.859949][T16643]  ? lock_downgrade+0x880/0x880
[  361.864825][T16643]  ? kasan_check_write+0x14/0x20
[  361.869790][T16643]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  361.875366][T16643]  _do_fork+0x257/0xfd0
[  361.879542][T16643]  ? fork_idle+0x1d0/0x1d0
[  361.884000][T16643]  ? fput+0x1b/0x20
[  361.887836][T16643]  ? ksys_write+0x166/0x1f0
[  361.892367][T16643]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  361.897813][T16643]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  361.903368][T16643]  ? do_syscall_64+0x26/0x610
[  361.908060][T16643]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  361.914216][T16643]  ? do_syscall_64+0x26/0x610
[  361.918966][T16643]  __x64_sys_clone+0xbf/0x150
[  361.923645][T16643]  do_syscall_64+0x103/0x610
[  361.928240][T16643]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  361.934113][T16643] RIP: 0033:0x4582b9
[  361.937997][T16643] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  361.957760][T16643] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  361.966160][T16643] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  361.974118][T16643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  361.982094][T16643] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:38:48 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x401)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6, @remote}, 0x10)
setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000080)={r2, 0x1, 0x3, @remote}, 0x10)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="04000000000000000a00000000000000ff013069000000000000000000001b010000000000000000040000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000356895d25fa867d87d0200000000000000000100"/144], 0x1)

03:38:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22bd01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  361.990069][T16643] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  361.998039][T16643] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22be01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  362.044953][T16659] device bridge0 entered promiscuous mode
03:38:48 executing program 1 (fault-call:3 fault-nth:51):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:48 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x5, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  362.127735][T16667] FAULT_INJECTION: forcing a failure.
[  362.127735][T16667] name failslab, interval 1, probability 0, space 0, times 0
[  362.151862][T16658] device bridge0 left promiscuous mode
[  362.180252][T16667] CPU: 1 PID: 16667 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  362.188265][T16667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  362.198323][T16667] Call Trace:
[  362.201628][T16667]  dump_stack+0x172/0x1f0
[  362.205987][T16667]  should_fail.cold+0xa/0x15
[  362.210678][T16667]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  362.216515][T16667]  ? find_held_lock+0x35/0x130
[  362.221374][T16667]  ? percpu_ref_put_many+0x94/0x190
03:38:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22bf01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  362.221395][T16667]  __should_failslab+0x121/0x190
[  362.221412][T16667]  should_failslab+0x9/0x14
[  362.221435][T16667]  kmem_cache_alloc+0x47/0x6f0
[  362.221460][T16667]  anon_vma_clone+0xde/0x480
[  362.221483][T16667]  anon_vma_fork+0x8f/0x4a0
[  362.221498][T16667]  ? dup_userfaultfd+0x15e/0x6d0
[  362.221519][T16667]  ? memcpy+0x46/0x50
[  362.231671][T16667]  copy_process.part.0+0x350f/0x7980
[  362.231717][T16667]  ? __cleanup_sighand+0x60/0x60
[  362.231732][T16667]  ? lock_downgrade+0x880/0x880
[  362.231756][T16667]  ? kasan_check_write+0x14/0x20
[  362.231772][T16667]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  362.231798][T16667]  _do_fork+0x257/0xfd0
[  362.245723][T16667]  ? fork_idle+0x1d0/0x1d0
[  362.245740][T16667]  ? fput+0x1b/0x20
[  362.245756][T16667]  ? ksys_write+0x166/0x1f0
[  362.245780][T16667]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  362.255214][T16667]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  362.255229][T16667]  ? do_syscall_64+0x26/0x610
[  362.255243][T16667]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  362.255257][T16667]  ? do_syscall_64+0x26/0x610
[  362.255278][T16667]  __x64_sys_clone+0xbf/0x150
[  362.255297][T16667]  do_syscall_64+0x103/0x610
[  362.255314][T16667]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  362.255325][T16667] RIP: 0033:0x4582b9
[  362.255339][T16667] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  362.255347][T16667] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  362.255361][T16667] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  362.255369][T16667] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  362.255384][T16667] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  362.343444][T16667] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  362.366935][T16667] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:50 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:50 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0)
ioctl$TUNSETPERSIST(r1, 0x400454cb, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYPTR64=&(0x7f0000000480)=ANY=[@ANYPTR64=&(0x7f0000000400)=ANY=[@ANYRES32=r1, @ANYRESDEC=r1, @ANYRES64=0x0, @ANYRES64=r0, @ANYRES32=r0, @ANYRESOCT=r0, @ANYPTR64, @ANYRESHEX=r1], @ANYPTR64]], 0x1)

03:38:50 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0xe00000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:50 executing program 1 (fault-call:3 fault-nth:52):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:50 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x7, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  364.797016][T16687] FAULT_INJECTION: forcing a failure.
[  364.797016][T16687] name failslab, interval 1, probability 0, space 0, times 0
[  364.815743][T16687] CPU: 0 PID: 16687 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  364.823770][T16687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  364.833840][T16687] Call Trace:
[  364.837167][T16687]  dump_stack+0x172/0x1f0
[  364.841522][T16687]  should_fail.cold+0xa/0x15
03:38:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  364.846132][T16687]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  364.851958][T16687]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.851983][T16687]  __should_failslab+0x121/0x190
[  364.852006][T16687]  should_failslab+0x9/0x14
[  364.867762][T16687]  kmem_cache_alloc+0x47/0x6f0
[  364.872546][T16687]  ? anon_vma_chain_link+0x154/0x1c0
[  364.877886][T16687]  anon_vma_clone+0xde/0x480
[  364.882522][T16687]  anon_vma_fork+0x8f/0x4a0
[  364.887040][T16687]  ? dup_userfaultfd+0x15e/0x6d0
[  364.891993][T16687]  ? memcpy+0x46/0x50
[  364.896002][T16687]  copy_process.part.0+0x350f/0x7980
[  364.901305][T16687]  ? __cleanup_sighand+0x60/0x60
[  364.906231][T16687]  ? lock_downgrade+0x880/0x880
[  364.911076][T16687]  ? kasan_check_write+0x14/0x20
[  364.916007][T16687]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  364.921540][T16687]  _do_fork+0x257/0xfd0
[  364.925687][T16687]  ? fork_idle+0x1d0/0x1d0
[  364.930091][T16687]  ? fput+0x1b/0x20
[  364.933892][T16687]  ? ksys_write+0x166/0x1f0
[  364.938410][T16687]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  364.943866][T16687]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  364.949324][T16687]  ? do_syscall_64+0x26/0x610
[  364.953988][T16687]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  364.960041][T16687]  ? do_syscall_64+0x26/0x610
[  364.964719][T16687]  __x64_sys_clone+0xbf/0x150
[  364.969503][T16687]  do_syscall_64+0x103/0x610
[  364.974090][T16687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  364.979975][T16687] RIP: 0033:0x4582b9
[  364.983865][T16687] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  365.003459][T16687] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  365.011869][T16687] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  365.019863][T16687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  365.027848][T16687] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  365.035819][T16687] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:38:51 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20001, 0x0)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f00000000c0)='sit0\x00')
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x40)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = getpgrp(0xffffffffffffffff)
lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
lstat(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000280)={r4, r5, r6}, 0xc)
ioctl$IMGETCOUNT(r2, 0x80044943, &(0x7f0000000040))
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  365.043779][T16687] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:51 executing program 1 (fault-call:3 fault-nth:53):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:51 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0xffff, {{0xa, 0x4e22, 0x6, @empty, 0x1000}}}, 0x88)

03:38:51 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3f00000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  365.229905][T16718] FAULT_INJECTION: forcing a failure.
[  365.229905][T16718] name failslab, interval 1, probability 0, space 0, times 0
[  365.265187][T16718] CPU: 0 PID: 16718 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  365.273206][T16718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  365.283266][T16718] Call Trace:
[  365.286578][T16718]  dump_stack+0x172/0x1f0
[  365.290953][T16718]  should_fail.cold+0xa/0x15
[  365.295564][T16718]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  365.301386][T16718]  ? ___might_sleep+0x163/0x280
[  365.306263][T16718]  __should_failslab+0x121/0x190
[  365.311212][T16718]  should_failslab+0x9/0x14
[  365.315740][T16718]  kmem_cache_alloc+0x2b2/0x6f0
[  365.320606][T16718]  ? anon_vma_clone+0x320/0x480
[  365.325479][T16718]  anon_vma_fork+0xfc/0x4a0
[  365.330005][T16718]  ? dup_userfaultfd+0x15e/0x6d0
[  365.334937][T16718]  ? memcpy+0x46/0x50
[  365.338916][T16718]  copy_process.part.0+0x350f/0x7980
[  365.344217][T16718]  ? __cleanup_sighand+0x60/0x60
[  365.349136][T16718]  ? lock_downgrade+0x880/0x880
[  365.353974][T16718]  ? kasan_check_write+0x14/0x20
[  365.358915][T16718]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  365.364466][T16718]  _do_fork+0x257/0xfd0
[  365.368607][T16718]  ? fork_idle+0x1d0/0x1d0
[  365.373024][T16718]  ? fput+0x1b/0x20
[  365.376818][T16718]  ? ksys_write+0x166/0x1f0
[  365.381317][T16718]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  365.386768][T16718]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  365.392214][T16718]  ? do_syscall_64+0x26/0x610
[  365.396877][T16718]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  365.402955][T16718]  ? do_syscall_64+0x26/0x610
[  365.407620][T16718]  __x64_sys_clone+0xbf/0x150
[  365.412279][T16718]  do_syscall_64+0x103/0x610
[  365.416867][T16718]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  365.422755][T16718] RIP: 0033:0x4582b9
[  365.426637][T16718] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  365.446243][T16718] RSP: 002b:00007fe307633c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  365.454636][T16718] RAX: ffffffffffffffda RBX: 00007fe307633c90 RCX: 00000000004582b9
[  365.462587][T16718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  365.470654][T16718] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  365.478614][T16718] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076346d4
[  365.486736][T16718] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:53 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:53 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x8, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:53 executing program 5:
r0 = socket$inet6(0xa, 0x4, 0x4000004)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = dup3(r0, r0, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=<r2=>0x0)
mq_notify(r1, &(0x7f0000000040)={0x0, 0x2b, 0x3, @tid=r2})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:38:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:53 executing program 1 (fault-call:3 fault-nth:54):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:53 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  367.866072][T16739] FAULT_INJECTION: forcing a failure.
[  367.866072][T16739] name failslab, interval 1, probability 0, space 0, times 0
[  367.886077][T16739] CPU: 0 PID: 16739 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  367.894084][T16739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  367.904184][T16739] Call Trace:
[  367.904212][T16739]  dump_stack+0x172/0x1f0
[  367.904237][T16739]  should_fail.cold+0xa/0x15
[  367.904260][T16739]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  367.911877][T16739]  ? ___might_sleep+0x163/0x280
[  367.911898][T16739]  __should_failslab+0x121/0x190
[  367.911914][T16739]  should_failslab+0x9/0x14
[  367.911948][T16739]  kmem_cache_alloc+0x2b2/0x6f0
[  367.911969][T16739]  ? anon_vma_clone+0x320/0x480
[  367.941458][T16739]  anon_vma_fork+0x1ea/0x4a0
[  367.941486][T16739]  ? dup_userfaultfd+0x15e/0x6d0
[  367.950916][T16739]  copy_process.part.0+0x350f/0x7980
[  367.961147][T16739]  ? __cleanup_sighand+0x60/0x60
[  367.966111][T16739]  ? lock_downgrade+0x880/0x880
[  367.970994][T16739]  ? kasan_check_write+0x14/0x20
[  367.975949][T16739]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  367.981530][T16739]  _do_fork+0x257/0xfd0
[  367.985705][T16739]  ? fork_idle+0x1d0/0x1d0
[  367.990134][T16739]  ? fput+0x1b/0x20
[  367.993977][T16739]  ? ksys_write+0x166/0x1f0
[  367.998493][T16739]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  368.003968][T16739]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  368.009529][T16739]  ? do_syscall_64+0x26/0x610
[  368.014219][T16739]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.020297][T16739]  ? do_syscall_64+0x26/0x610
[  368.025001][T16739]  __x64_sys_clone+0xbf/0x150
[  368.029693][T16739]  do_syscall_64+0x103/0x610
[  368.034331][T16739]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.040227][T16739] RIP: 0033:0x4582b9
[  368.044233][T16739] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:38:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDDELIO(r1, 0x4b35, 0xfff)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r2 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$KEYCTL_PKEY_QUERY(0x18, r2, 0x0, &(0x7f0000000080)='\x00', &(0x7f00000000c0))

03:38:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000070000000000000000ff010000000000000000000000001b010000000000000000040000000000000000000002000000000000000000000000000000000000000066ccdb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008e80271fd6f851b57538f8bf"], 0x1)

03:38:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0xfffffffffffffe1b)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000ffffffffffffffe200"/129], 0x1)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0xffffffffffff3a7a, 0x7, 0x8, 0x7e36, 0x7fffffff, 0x6})
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$CAPI_GET_MANUFACTURER(r1, 0xc0044306, &(0x7f0000000040)=0x5)

03:38:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000100)=ANY=[@ANYBLOB="000000f5798313ac00000000000a00000000000000ff010000000000000000000000001b010000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002501140000000000000000010000"], 0x1)
setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000040)={0x7, {{0xa, 0x4e20, 0x4, @mcast1, 0x895}}}, 0x88)

03:38:54 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
accept$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000040)=0x14)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={@mcast1, @local, @mcast2, 0x100000000, 0x3, 0x0, 0x500, 0x1, 0x4, r1})

[  368.063842][T16739] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  368.072397][T16739] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  368.080371][T16739] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  368.088349][T16739] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  368.096327][T16739] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  368.104305][T16739] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:57 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:38:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:38:57 executing program 1 (fault-call:3 fault-nth:55):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:57 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:57 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x300, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:38:57 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0900000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000003"], 0x1)

[  370.990083][T16784] FAULT_INJECTION: forcing a failure.
[  370.990083][T16784] name failslab, interval 1, probability 0, space 0, times 0
[  371.013650][T16784] CPU: 1 PID: 16784 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  371.022171][T16784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  371.033209][T16784] Call Trace:
[  371.036711][T16784]  dump_stack+0x172/0x1f0
[  371.036737][T16784]  should_fail.cold+0xa/0x15
[  371.036760][T16784]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  371.036783][T16784]  ? ___might_sleep+0x163/0x280
[  371.046173][T16784]  __should_failslab+0x121/0x190
[  371.046188][T16784]  should_failslab+0x9/0x14
[  371.046203][T16784]  kmem_cache_alloc+0x2b2/0x6f0
[  371.046217][T16784]  ? anon_vma_clone+0x320/0x480
[  371.046238][T16784]  anon_vma_fork+0x1ea/0x4a0
03:38:57 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x2, {{0xa, 0x3, 0x0, @dev={0xfe, 0x80, [], 0x17}}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x203fd, 0x0)

03:38:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  371.046252][T16784]  ? dup_userfaultfd+0x15e/0x6d0
[  371.046276][T16784]  copy_process.part.0+0x350f/0x7980
[  371.046316][T16784]  ? __cleanup_sighand+0x60/0x60
[  371.069761][T16784]  ? lock_downgrade+0x880/0x880
[  371.069789][T16784]  ? kasan_check_write+0x14/0x20
[  371.069806][T16784]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  371.069829][T16784]  _do_fork+0x257/0xfd0
[  371.086108][T16784]  ? fork_idle+0x1d0/0x1d0
[  371.086124][T16784]  ? fput+0x1b/0x20
03:38:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  371.086141][T16784]  ? ksys_write+0x166/0x1f0
[  371.086168][T16784]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.148662][T16784]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.155719][T16784]  ? do_syscall_64+0x26/0x610
[  371.161605][T16784]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.168105][T16784]  ? do_syscall_64+0x26/0x610
[  371.172934][T16784]  __x64_sys_clone+0xbf/0x150
[  371.177842][T16784]  do_syscall_64+0x103/0x610
[  371.182722][T16784]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.188944][T16784] RIP: 0033:0x4582b9
[  371.193418][T16784] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  371.193427][T16784] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  371.193441][T16784] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  371.193450][T16784] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:38:57 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x2)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  371.193459][T16784] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  371.193468][T16784] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  371.193477][T16784] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:38:57 executing program 1 (fault-call:3 fault-nth:56):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:38:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  371.403780][T16813] FAULT_INJECTION: forcing a failure.
[  371.403780][T16813] name failslab, interval 1, probability 0, space 0, times 0
[  371.421136][T16813] CPU: 0 PID: 16813 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  371.430769][T16813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  371.441710][T16813] Call Trace:
[  371.445455][T16813]  dump_stack+0x172/0x1f0
[  371.449933][T16813]  should_fail.cold+0xa/0x15
[  371.454853][T16813]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  371.461330][T16813]  ? ___might_sleep+0x163/0x280
[  371.466297][T16813]  __should_failslab+0x121/0x190
[  371.471494][T16813]  should_failslab+0x9/0x14
[  371.476376][T16813]  kmem_cache_alloc+0x2b2/0x6f0
[  371.482207][T16813]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  371.488775][T16813]  ptlock_alloc+0x20/0x70
[  371.493113][T16813]  pte_alloc_one+0x6d/0x1a0
[  371.497792][T16813]  __pte_alloc+0x20/0x310
[  371.502757][T16813]  copy_page_range+0x1529/0x1f90
[  371.508245][T16813]  ? pmd_alloc+0x180/0x180
[  371.513414][T16813]  ? validate_mm_rb+0xa3/0xc0
[  371.518816][T16813]  ? __vma_link_rb+0x279/0x370
[  371.523634][T16813]  copy_process.part.0+0x568b/0x7980
[  371.529022][T16813]  ? __cleanup_sighand+0x60/0x60
[  371.533974][T16813]  ? lock_downgrade+0x880/0x880
[  371.539096][T16813]  ? kasan_check_write+0x14/0x20
[  371.544599][T16813]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  371.551280][T16813]  _do_fork+0x257/0xfd0
[  371.556107][T16813]  ? fork_idle+0x1d0/0x1d0
[  371.561125][T16813]  ? fput+0x1b/0x20
[  371.565372][T16813]  ? ksys_write+0x166/0x1f0
[  371.570219][T16813]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.576235][T16813]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.581988][T16813]  ? do_syscall_64+0x26/0x610
[  371.588165][T16813]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.595083][T16813]  ? do_syscall_64+0x26/0x610
[  371.600058][T16813]  __x64_sys_clone+0xbf/0x150
[  371.604834][T16813]  do_syscall_64+0x103/0x610
[  371.610929][T16813]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.617512][T16813] RIP: 0033:0x4582b9
[  371.622080][T16813] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  371.645015][T16813] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  371.654501][T16813] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  371.663704][T16813] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  371.672256][T16813] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  371.681242][T16813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  371.692492][T16813] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:00 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:39:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:00 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x402, 0x0)
ioctl$IOC_PR_PREEMPT_ABORT(r1, 0x401870cc, &(0x7f0000000040)={0x1, 0x80, 0x1, 0x40000000000})

03:39:00 executing program 1 (fault-call:3 fault-nth:57):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:00 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x500, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ca01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  374.012698][T16828] FAULT_INJECTION: forcing a failure.
[  374.012698][T16828] name failslab, interval 1, probability 0, space 0, times 0
[  374.059068][T16828] CPU: 0 PID: 16828 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  374.067564][T16828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  374.077720][T16828] Call Trace:
[  374.081125][T16828]  dump_stack+0x172/0x1f0
[  374.085672][T16828]  should_fail.cold+0xa/0x15
[  374.090292][T16828]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  374.096119][T16828]  ? ___might_sleep+0x163/0x280
[  374.100988][T16828]  __should_failslab+0x121/0x190
[  374.105981][T16828]  should_failslab+0x9/0x14
[  374.110505][T16828]  kmem_cache_alloc+0x2b2/0x6f0
[  374.115368][T16828]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  374.121096][T16828]  ? __vm_enough_memory+0x320/0x5a0
[  374.126307][T16828]  vm_area_dup+0x21/0x170
[  374.130652][T16828]  copy_process.part.0+0x3431/0x7980
[  374.135981][T16828]  ? __cleanup_sighand+0x60/0x60
[  374.141192][T16828]  ? lock_downgrade+0x880/0x880
[  374.146080][T16828]  ? kasan_check_write+0x14/0x20
[  374.151030][T16828]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  374.156593][T16828]  _do_fork+0x257/0xfd0
[  374.160759][T16828]  ? fork_idle+0x1d0/0x1d0
[  374.165174][T16828]  ? fput+0x1b/0x20
[  374.165191][T16828]  ? ksys_write+0x166/0x1f0
[  374.165211][T16828]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  374.165225][T16828]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  374.165240][T16828]  ? do_syscall_64+0x26/0x610
[  374.165255][T16828]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  374.165269][T16828]  ? do_syscall_64+0x26/0x610
[  374.165287][T16828]  __x64_sys_clone+0xbf/0x150
[  374.165307][T16828]  do_syscall_64+0x103/0x610
03:39:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22cb01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:00 executing program 5:
syz_open_dev$rtc(&(0x7f0000000040)='/dev/rtc#\x00', 0xe2, 0x30000)
syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x40, 0x400402)
r0 = socket$inet6(0xa, 0x80001, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080))
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @ipv4={[], [], @remote}}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22cc01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  374.189181][T16828]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  374.189211][T16828] RIP: 0033:0x4582b9
[  374.189226][T16828] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  374.189234][T16828] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  374.238636][T16828] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:39:00 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x90880, 0x0)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000040))

03:39:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22cd01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  374.238646][T16828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  374.238655][T16828] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  374.238664][T16828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  374.238674][T16828] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:03 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000016)

03:39:03 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ce01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:03 executing program 1 (fault-call:3 fault-nth:58):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:03 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x105000, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000040), 0x4)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:03 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x700, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  377.079275][T16866] FAULT_INJECTION: forcing a failure.
[  377.079275][T16866] name failslab, interval 1, probability 0, space 0, times 0
[  377.097558][T16866] CPU: 0 PID: 16866 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  377.105576][T16866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  377.115642][T16866] Call Trace:
[  377.118960][T16866]  dump_stack+0x172/0x1f0
[  377.123321][T16866]  should_fail.cold+0xa/0x15
[  377.127927][T16866]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  377.133787][T16866]  ? ___might_sleep+0x163/0x280
[  377.138663][T16866]  __should_failslab+0x121/0x190
[  377.143622][T16866]  should_failslab+0x9/0x14
[  377.148135][T16866]  kmem_cache_alloc+0x2b2/0x6f0
[  377.153000][T16866]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  377.158731][T16866]  ? __vm_enough_memory+0x320/0x5a0
[  377.163951][T16866]  vm_area_dup+0x21/0x170
[  377.168292][T16866]  copy_process.part.0+0x3431/0x7980
[  377.173621][T16866]  ? __cleanup_sighand+0x60/0x60
[  377.178564][T16866]  ? lock_downgrade+0x880/0x880
[  377.183434][T16866]  ? kasan_check_write+0x14/0x20
[  377.188381][T16866]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  377.193952][T16866]  _do_fork+0x257/0xfd0
[  377.198120][T16866]  ? fork_idle+0x1d0/0x1d0
[  377.202544][T16866]  ? fput+0x1b/0x20
[  377.206361][T16866]  ? ksys_write+0x166/0x1f0
[  377.210897][T16866]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  377.216418][T16866]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  377.221901][T16866]  ? do_syscall_64+0x26/0x610
[  377.226601][T16866]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  377.232675][T16866]  ? do_syscall_64+0x26/0x610
[  377.237382][T16866]  __x64_sys_clone+0xbf/0x150
[  377.242078][T16866]  do_syscall_64+0x103/0x610
[  377.246685][T16866]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  377.252582][T16866] RIP: 0033:0x4582b9
[  377.256490][T16866] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22cf01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:03 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
vmsplice(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)="4988e978fadebb6b1031cbb2763c1e572fd7ef0adf8aefe11f9160951995f39a56a3976828d86e33cda7f47f0f1754e517a787bb5870c7b18b58fa64baf3a72fb7317e118670affc36736f38", 0x4c}, {&(0x7f00000000c0)="0bbd135a272099ab7ea7927404c8bfa6524a7319127638695d67bc2a0d9cf551cae043e9175d923f747cee4704f601f26d2d369a627984e2b5b14cbc54b9d91cdeec5bb4e348b2ee29fc100a53cb90b36fe41ec2c69c661de8d12b9a3a34a89506e38912c87830a7910070268ff35c075d76621f06ac6045781bc2c661b5264d5607f4955834eb471633218eb35abe5ee566772e06e642df31595f2f28608330cc7c918e1360be599857528b00bfbfc285de9920f63a69dcbc1573ebccce261e0b82a2f74c0c81efbc36723a0f28b7d8ea9b8e8e7568ffc5", 0xd8}, {&(0x7f00000001c0)="a6bfbeddf170f1bc26e858986fcf284b7e7203db2234d08f450ec45eacd9f427231c21ec02ab64fc7e08e238a763b522a3545e8fc1e72e9bab513fb1a932d9d4433d316769b8f3c9821b64a04de9ca18f46de1045344bd4c6ef4e24c17a86e4bd84f0ec125e9ce988e50454b276dbf1d10684692850183ee647088809b5c0e80b1ab2324887212be9c3b05889200a4aec318a4b7ba7468131de90a1a2a2d7dfcf2cf45073eb1a61de02274b734f72e549002c99f6c767fa12d8c0c6ac71618d0a8de3b89e43c5be1310e4721bf0fee9255924bba2d3c20aba68e339dfbf88776d197dcfb0ff4a4", 0xe7}], 0x3, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x100, 0x0)

03:39:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:03 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000400)='/dev/media#\x00', 0x0, 0x10000)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r1, 0x114, 0xa, &(0x7f0000000440), 0x1)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f00000000c0)={0x0, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x184)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400, 0x0)
sendmsg$inet_sctp(r2, &(0x7f0000000300)={&(0x7f0000000040)=@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000180)="7478e69da3b79480d51a907de6f0be1da58adc2f93c8c33a6a5cd32501c05c8b31aaf3d3d41b91bf98038435ea6beb4407c765aafda30169b09342b6f1dc1b4caa15c1f5475de02f56b1b51f9d", 0x4d}, {&(0x7f0000000200)="15850933fe43ef8285796bc977d3e62bd112746fe5fabdcebb5f0ef6829ab7512b7a7c4a8ea71cc400e8d137746be7408059a7576de643eba949dce57e58d13384763ffa93c4262223736feef9c85a1ea8ce756509913a89cc893be1c110c532731fbedb2ffb69ae05c5f3e4598556c435cabaf1b8f46917fe7f6d6db762e2f1a5c6152b5d8ae3ddb26e7a172f351bf610c8546efa52bf8b40183486554e2699a02fa04bb71dcf3434517ae362eb4c4d8bcef2c528375f8f3bfc184ac6bbee2c9a81f9d55ada2ace8ffed16968817f4c930e8aa1601eb06af9293ac596f3", 0xde}], 0x2, 0x0, 0x0, 0x1}, 0x8000)

03:39:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  377.276104][T16866] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  377.284551][T16866] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  377.292538][T16866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  377.300515][T16866] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  377.308519][T16866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  377.316505][T16866] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:03 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400400, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f0000000040))

03:39:06 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:06 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x1000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:06 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:06 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x80000, {{0xa, 0x0, 0x9, @empty}}}, 0x78)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:06 executing program 1 (fault-call:3 fault-nth:59):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:06 executing program 5:
r0 = socket$inet6(0xa, 0x80000, 0xbb)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)

03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  380.215190][T16920] FAULT_INJECTION: forcing a failure.
[  380.215190][T16920] name failslab, interval 1, probability 0, space 0, times 0
[  380.230736][T16920] CPU: 0 PID: 16920 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  380.238742][T16920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  380.248808][T16920] Call Trace:
[  380.248848][T16920]  dump_stack+0x172/0x1f0
[  380.248887][T16920]  should_fail.cold+0xa/0x15
[  380.248910][T16920]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  380.248927][T16920]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  380.248955][T16920]  ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220
[  380.248980][T16920]  __should_failslab+0x121/0x190
[  380.285166][T16920]  should_failslab+0x9/0x14
[  380.289680][T16920]  kmem_cache_alloc+0x47/0x6f0
[  380.294457][T16920]  ? anon_vma_chain_link+0x154/0x1c0
[  380.299764][T16920]  anon_vma_clone+0xde/0x480
[  380.304372][T16920]  anon_vma_fork+0x8f/0x4a0
[  380.308899][T16920]  ? dup_userfaultfd+0x15e/0x6d0
03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  380.313858][T16920]  ? memcpy+0x46/0x50
[  380.317882][T16920]  copy_process.part.0+0x350f/0x7980
[  380.323223][T16920]  ? __cleanup_sighand+0x60/0x60
[  380.328176][T16920]  ? lock_downgrade+0x880/0x880
[  380.333049][T16920]  ? kasan_check_write+0x14/0x20
[  380.338003][T16920]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  380.343584][T16920]  _do_fork+0x257/0xfd0
[  380.347758][T16920]  ? fork_idle+0x1d0/0x1d0
[  380.352197][T16920]  ? fput+0x1b/0x20
[  380.356034][T16920]  ? ksys_write+0x166/0x1f0
[  380.360558][T16920]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  380.366028][T16920]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  380.371503][T16920]  ? do_syscall_64+0x26/0x610
[  380.376189][T16920]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  380.382271][T16920]  ? do_syscall_64+0x26/0x610
[  380.386991][T16920]  __x64_sys_clone+0xbf/0x150
[  380.391694][T16920]  do_syscall_64+0x103/0x610
[  380.396308][T16920]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  380.402211][T16920] RIP: 0033:0x4582b9
03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  380.406115][T16920] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  380.425778][T16920] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  380.434209][T16920] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  380.434218][T16920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  380.434228][T16920] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  380.434237][T16920] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:39:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  380.434246][T16920] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:39:07 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:07 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:07 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x4, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x400}, @in6={0xa, 0x4e24, 0x3f, @mcast2}, @in6={0xa, 0x4e21, 0x9, @mcast2, 0x8}, @in={0x2, 0x4e23, @remote}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x4e20, 0x1e7, @ipv4={[], [], @broadcast}, 0x30}, @in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @rand_addr=0xf0}, @in6={0xa, 0x4e23, 0x55, @dev={0xfe, 0x80, [], 0x23}, 0x5}], 0xcc)

03:39:07 executing program 1 (fault-call:3 fault-nth:60):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22d901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:07 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = add_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$setperm(0x5, r1, 0x10020210)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  381.085545][T16955] FAULT_INJECTION: forcing a failure.
[  381.085545][T16955] name failslab, interval 1, probability 0, space 0, times 0
[  381.115888][T16955] CPU: 0 PID: 16955 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  381.123911][T16955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  381.133984][T16955] Call Trace:
[  381.134012][T16955]  dump_stack+0x172/0x1f0
[  381.134037][T16955]  should_fail.cold+0xa/0x15
[  381.134061][T16955]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  381.141850][T16955]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  381.141878][T16955]  ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220
[  381.141902][T16955]  __should_failslab+0x121/0x190
[  381.141916][T16955]  should_failslab+0x9/0x14
[  381.141952][T16955]  kmem_cache_alloc+0x47/0x6f0
[  381.179847][T16955]  ? anon_vma_chain_link+0x154/0x1c0
[  381.185179][T16955]  anon_vma_clone+0xde/0x480
[  381.189790][T16955]  anon_vma_fork+0x8f/0x4a0
[  381.194309][T16955]  ? dup_userfaultfd+0x15e/0x6d0
[  381.199275][T16955]  ? memcpy+0x46/0x50
[  381.203282][T16955]  copy_process.part.0+0x350f/0x7980
[  381.208609][T16955]  ? __cleanup_sighand+0x60/0x60
[  381.213560][T16955]  ? lock_downgrade+0x880/0x880
[  381.218428][T16955]  ? kasan_check_write+0x14/0x20
[  381.223386][T16955]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  381.228996][T16955]  _do_fork+0x257/0xfd0
[  381.233173][T16955]  ? fork_idle+0x1d0/0x1d0
[  381.237602][T16955]  ? fput+0x1b/0x20
[  381.241434][T16955]  ? ksys_write+0x166/0x1f0
[  381.246046][T16955]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  381.251507][T16955]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  381.251523][T16955]  ? do_syscall_64+0x26/0x610
[  381.251537][T16955]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.251549][T16955]  ? do_syscall_64+0x26/0x610
[  381.251569][T16955]  __x64_sys_clone+0xbf/0x150
[  381.251587][T16955]  do_syscall_64+0x103/0x610
03:39:07 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000040)={{0x43, 0x7}, {0x9, 0x5ca2}, 0x800, 0x3})
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
ioctl$TIOCSBRK(r1, 0x5427)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  381.251604][T16955]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.251615][T16955] RIP: 0033:0x4582b9
[  381.251630][T16955] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  381.251638][T16955] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  381.251668][T16955] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  381.327669][T16955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22da01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  381.335670][T16955] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  381.343653][T16955] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  381.351715][T16955] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:07 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:07 executing program 1 (fault-call:3 fault-nth:61):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  381.524403][T16989] FAULT_INJECTION: forcing a failure.
[  381.524403][T16989] name failslab, interval 1, probability 0, space 0, times 0
[  381.553780][T16989] CPU: 0 PID: 16989 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  381.561902][T16989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  381.571979][T16989] Call Trace:
[  381.575300][T16989]  dump_stack+0x172/0x1f0
[  381.579662][T16989]  should_fail.cold+0xa/0x15
[  381.584280][T16989]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  381.590117][T16989]  ? ___might_sleep+0x163/0x280
[  381.594985][T16989]  __should_failslab+0x121/0x190
[  381.599945][T16989]  should_failslab+0x9/0x14
[  381.604466][T16989]  kmem_cache_alloc+0x2b2/0x6f0
[  381.609334][T16989]  ? anon_vma_clone+0x320/0x480
[  381.614217][T16989]  anon_vma_fork+0xfc/0x4a0
[  381.618718][T16989]  ? dup_userfaultfd+0x15e/0x6d0
[  381.623639][T16989]  ? memcpy+0x46/0x50
[  381.627626][T16989]  copy_process.part.0+0x350f/0x7980
[  381.633733][T16989]  ? __cleanup_sighand+0x60/0x60
[  381.638673][T16989]  ? lock_downgrade+0x880/0x880
[  381.643568][T16989]  ? kasan_check_write+0x14/0x20
[  381.648505][T16989]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  381.654055][T16989]  _do_fork+0x257/0xfd0
[  381.658227][T16989]  ? fork_idle+0x1d0/0x1d0
[  381.662632][T16989]  ? fput+0x1b/0x20
[  381.666440][T16989]  ? ksys_write+0x166/0x1f0
[  381.670958][T16989]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  381.676430][T16989]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  381.681913][T16989]  ? do_syscall_64+0x26/0x610
[  381.686596][T16989]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.692662][T16989]  ? do_syscall_64+0x26/0x610
[  381.697342][T16989]  __x64_sys_clone+0xbf/0x150
[  381.702025][T16989]  do_syscall_64+0x103/0x610
[  381.706617][T16989]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.712505][T16989] RIP: 0033:0x4582b9
[  381.716416][T16989] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  381.736291][T16989] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  381.745585][T16989] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  381.753729][T16989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  381.761721][T16989] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  381.769689][T16989] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  381.777654][T16989] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:08 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x3000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:08 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x200000000000004)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
accept4$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, &(0x7f0000000040)=0x1c, 0x80800)

03:39:08 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(0x0, 0x1000000000016)

03:39:08 executing program 1 (fault-call:3 fault-nth:62):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22db01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22dc01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  381.993642][T17005] FAULT_INJECTION: forcing a failure.
[  381.993642][T17005] name failslab, interval 1, probability 0, space 0, times 0
[  382.019715][T17005] CPU: 0 PID: 17005 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  382.027731][T17005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  382.037792][T17005] Call Trace:
03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22dd01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  382.041113][T17005]  dump_stack+0x172/0x1f0
[  382.045466][T17005]  should_fail.cold+0xa/0x15
[  382.050077][T17005]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  382.055929][T17005]  ? ___might_sleep+0x163/0x280
[  382.060835][T17005]  __should_failslab+0x121/0x190
[  382.060853][T17005]  should_failslab+0x9/0x14
[  382.060881][T17005]  kmem_cache_alloc+0x2b2/0x6f0
[  382.060897][T17005]  ? anon_vma_clone+0x320/0x480
[  382.060931][T17005]  anon_vma_fork+0x1ea/0x4a0
[  382.060953][T17005]  ? dup_userfaultfd+0x15e/0x6d0
03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22de01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  382.075260][T17005]  copy_process.part.0+0x350f/0x7980
[  382.075307][T17005]  ? __cleanup_sighand+0x60/0x60
[  382.075328][T17005]  ? lock_downgrade+0x880/0x880
[  382.104764][T17005]  ? kasan_check_write+0x14/0x20
[  382.109804][T17005]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  382.115367][T17005]  _do_fork+0x257/0xfd0
[  382.119545][T17005]  ? fork_idle+0x1d0/0x1d0
[  382.123983][T17005]  ? fput+0x1b/0x20
[  382.127819][T17005]  ? ksys_write+0x166/0x1f0
[  382.132348][T17005]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  382.137822][T17005]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22df01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  382.143312][T17005]  ? do_syscall_64+0x26/0x610
[  382.147997][T17005]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  382.154089][T17005]  ? do_syscall_64+0x26/0x610
[  382.158779][T17005]  __x64_sys_clone+0xbf/0x150
[  382.163474][T17005]  do_syscall_64+0x103/0x610
[  382.168101][T17005]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  382.174222][T17005] RIP: 0033:0x4582b9
03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:08 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6c8, 0x4000)
bind$isdn(r1, &(0x7f0000000040)={0x22, 0xa5, 0x200, 0x7fff, 0x6}, 0x6)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff0100000000aeed9866c0f5a50f2f00000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000300000000000000000000000000000000000100000000000000"], 0x1)

[  382.178119][T17005] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  382.197762][T17005] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  382.206187][T17005] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  382.214165][T17005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  382.222163][T17005] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  382.230149][T17005] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  382.238129][T17005] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:08 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0xe, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:08 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:39:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e101001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:08 executing program 1 (fault-call:3 fault-nth:63):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:08 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x300, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:08 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x5000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  382.864040][T17056] FAULT_INJECTION: forcing a failure.
[  382.864040][T17056] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  382.889035][T17056] CPU: 1 PID: 17056 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  382.897059][T17056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  382.907124][T17056] Call Trace:
03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e201001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  382.910446][T17056]  dump_stack+0x172/0x1f0
[  382.914794][T17056]  should_fail.cold+0xa/0x15
[  382.919393][T17056]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  382.925240][T17056]  ? ___might_sleep+0x163/0x280
[  382.930112][T17056]  should_fail_alloc_page+0x50/0x60
[  382.935405][T17056]  __alloc_pages_nodemask+0x1a1/0x7e0
[  382.940800][T17056]  ? kvm_mmu_notifier_invalidate_range_start+0x1ae/0x280
[  382.947833][T17056]  ? __mmu_notifier_invalidate_range_start+0x177/0x210
[  382.954712][T17056]  ? __alloc_pages_slowpath+0x28b0/0x28b0
03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e301001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  382.960446][T17056]  ? __mmu_notifier_invalidate_range_start+0x177/0x210
[  382.967336][T17056]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  382.973586][T17056]  alloc_pages_current+0x107/0x210
[  382.978711][T17056]  pte_alloc_one+0x1b/0x1a0
[  382.978730][T17056]  __pte_alloc+0x20/0x310
[  382.978752][T17056]  copy_page_range+0x1529/0x1f90
[  382.992509][T17056]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  382.998249][T17056]  ? pmd_alloc+0x180/0x180
[  383.002683][T17056]  ? validate_mm_rb+0xa3/0xc0
[  383.007378][T17056]  ? __vma_link_rb+0x279/0x370
03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e401001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  383.012166][T17056]  copy_process.part.0+0x568b/0x7980
[  383.017493][T17056]  ? __cleanup_sighand+0x60/0x60
[  383.022450][T17056]  ? lock_downgrade+0x880/0x880
[  383.027320][T17056]  ? kasan_check_write+0x14/0x20
[  383.032271][T17056]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  383.037827][T17056]  _do_fork+0x257/0xfd0
[  383.042021][T17056]  ? fork_idle+0x1d0/0x1d0
[  383.046470][T17056]  ? fput+0x1b/0x20
[  383.050286][T17056]  ? ksys_write+0x166/0x1f0
[  383.054809][T17056]  ? trace_hardirqs_on_thunk+0x1a/0x1c
03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e501001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  383.060284][T17056]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  383.065761][T17056]  ? do_syscall_64+0x26/0x610
[  383.070450][T17056]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.076534][T17056]  ? do_syscall_64+0x26/0x610
[  383.081226][T17056]  __x64_sys_clone+0xbf/0x150
[  383.085915][T17056]  do_syscall_64+0x103/0x610
[  383.090515][T17056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.096411][T17056] RIP: 0033:0x4582b9
[  383.100318][T17056] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  383.119930][T17056] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  383.128357][T17056] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  383.136359][T17056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  383.144340][T17056] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  383.152322][T17056] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:39:09 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x303080, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000040)={0x3, 0x100})
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e601001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  383.160298][T17056] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:09 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:39:09 executing program 1 (fault-call:3 fault-nth:64):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:09 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @remote}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000edffffffffffffff00001b010000000000000000040000000000000000000000c9446ea45373f006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:09 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x500, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e701001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:09 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x7000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  383.786630][T17097] FAULT_INJECTION: forcing a failure.
[  383.786630][T17097] name failslab, interval 1, probability 0, space 0, times 0
[  383.800189][T17097] CPU: 0 PID: 17097 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  383.808194][T17097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  383.818253][T17097] Call Trace:
[  383.818282][T17097]  dump_stack+0x172/0x1f0
[  383.818306][T17097]  should_fail.cold+0xa/0x15
[  383.818328][T17097]  ? fault_create_debugfs_attr+0x1e0/0x1e0
03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e801001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22e901001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  383.818351][T17097]  ? ___might_sleep+0x163/0x280
[  383.818374][T17097]  __should_failslab+0x121/0x190
[  383.826007][T17097]  should_failslab+0x9/0x14
[  383.850666][T17097]  kmem_cache_alloc+0x2b2/0x6f0
[  383.855529][T17097]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  383.861799][T17097]  ptlock_alloc+0x20/0x70
[  383.866144][T17097]  pte_alloc_one+0x6d/0x1a0
[  383.870664][T17097]  __pte_alloc+0x20/0x310
[  383.875035][T17097]  copy_page_range+0x1529/0x1f90
[  383.880008][T17097]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  383.885747][T17097]  ? pmd_alloc+0x180/0x180
[  383.890177][T17097]  ? validate_mm_rb+0xa3/0xc0
[  383.894884][T17097]  ? __vma_link_rb+0x279/0x370
[  383.899667][T17097]  copy_process.part.0+0x568b/0x7980
[  383.905171][T17097]  ? __cleanup_sighand+0x60/0x60
[  383.910111][T17097]  ? lock_downgrade+0x880/0x880
[  383.914964][T17097]  ? kasan_check_write+0x14/0x20
[  383.919945][T17097]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  383.925501][T17097]  _do_fork+0x257/0xfd0
[  383.929660][T17097]  ? fork_idle+0x1d0/0x1d0
[  383.934060][T17097]  ? fput+0x1b/0x20
[  383.937863][T17097]  ? ksys_write+0x166/0x1f0
[  383.942389][T17097]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  383.947839][T17097]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  383.953302][T17097]  ? do_syscall_64+0x26/0x610
[  383.958011][T17097]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.964071][T17097]  ? do_syscall_64+0x26/0x610
[  383.968757][T17097]  __x64_sys_clone+0xbf/0x150
[  383.973437][T17097]  do_syscall_64+0x103/0x610
[  383.978017][T17097]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.983917][T17097] RIP: 0033:0x4582b9
[  383.987820][T17097] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.007418][T17097] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  384.015888][T17097] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  384.023847][T17097] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:10 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x40)
setsockopt$inet6_opts(r0, 0x29, 0x3f, &(0x7f0000000040)=@routing={0x7f, 0x4, 0x2, 0xccbf, 0x0, [@empty, @mcast1]}, 0x28)
r1 = socket$inet6(0xa, 0xa552ff8fe26975fd, 0x6)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  384.031813][T17097] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  384.039768][T17097] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  384.047812][T17097] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ea01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:10 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x8000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:10 executing program 1 (fault-call:3 fault-nth:65):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  384.236811][T17122] FAULT_INJECTION: forcing a failure.
[  384.236811][T17122] name failslab, interval 1, probability 0, space 0, times 0
[  384.261593][T17122] CPU: 0 PID: 17122 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  384.269611][T17122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  384.279699][T17122] Call Trace:
[  384.283068][T17122]  dump_stack+0x172/0x1f0
[  384.287402][T17122]  should_fail.cold+0xa/0x15
[  384.292340][T17122]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  384.298132][T17122]  ? ___might_sleep+0x163/0x280
[  384.303006][T17122]  __should_failslab+0x121/0x190
[  384.307959][T17122]  should_failslab+0x9/0x14
[  384.312455][T17122]  kmem_cache_alloc+0x2b2/0x6f0
[  384.317303][T17122]  ? validate_mm_rb+0xa3/0xc0
[  384.321993][T17122]  vm_area_dup+0x21/0x170
[  384.326325][T17122]  copy_process.part.0+0x3431/0x7980
[  384.331613][T17122]  ? __cleanup_sighand+0x60/0x60
[  384.336538][T17122]  ? lock_downgrade+0x880/0x880
[  384.341393][T17122]  ? kasan_check_write+0x14/0x20
[  384.346328][T17122]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  384.351905][T17122]  _do_fork+0x257/0xfd0
[  384.356064][T17122]  ? fork_idle+0x1d0/0x1d0
[  384.360475][T17122]  ? fput+0x1b/0x20
[  384.364356][T17122]  ? ksys_write+0x166/0x1f0
[  384.368861][T17122]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  384.374318][T17122]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  384.379767][T17122]  ? do_syscall_64+0x26/0x610
[  384.384429][T17122]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.390481][T17122]  ? do_syscall_64+0x26/0x610
[  384.395145][T17122]  __x64_sys_clone+0xbf/0x150
[  384.399843][T17122]  do_syscall_64+0x103/0x610
[  384.404461][T17122]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.410359][T17122] RIP: 0033:0x4582b9
[  384.414252][T17122] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.433851][T17122] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  384.442286][T17122] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  384.450269][T17122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  384.458446][T17122] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  384.466407][T17122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  384.474361][T17122] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:10 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x0)

03:39:10 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:10 executing program 5:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x100, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000100)={'nat\x00', 0x1000, "8f096ce432f28aa5b266b2f8b75110ae08d1ab9ac71fac4bd92b915f774aec9a35074278a464b403ec762df512c60ebbbbd5670353b3997e554c62f448a0f49fb8524c7697ce0fe1f10f8c126c786fda55888ff951a234767b0018bd955baa2da58945569b118bcc3447729f6a59b0a11f95b25b5ed5b313565fc4d0015e7ef7b63dc4f4be80bfd457551113f45cbc6318fb2e9d01c02cbc95f9e71f64cbdc006603c9f4446ce5dd3009091f36bcddd2e0b8097b5d15a4707136c1b999466d605bc08b786c10dfc88767216d15ea65ae2b28a2dbcc8b1ae112517f25a5228b6a7935862df199fe9280d7a7bcd773b64b8cb0929fd5a8ee823409afd18aae85481ce114c58ba3dfd038e7ca5cb4ed61dd1a884ebc68739008e5d6f641f9a7273d80f914a148645262b661b24f0b3beb5532b3076d54958c64adab92a8b3046cc72e6d73c071e7262226c33849a24537a18d51b80c6b3ddd3eac4044ee3a3338466b2831d4c266774f8929468568ba3625b430364bb613e6b4f3d17025303c2f71ea961503316630324e77dbc88162842f781b87092c985864b832b2be1556dd1b1bb6f05d995534ac7dd4c7f331e89827bb73563a71df14ccf1ae9cdfce1aa50a67ec64d3d4cfecb8d0db8f185745cbb15afd0620dfa919a61f5e23352b51a168c6179daa76f27cc6b7f68c59e0b90c39955845ccac09df835092899a1e7e41ecc57331c6ae67235631b3996d61009a9a1ed57bd6d82da65604fa45ef8a6fb2e6f79f903d030df733fcb7c02ca0bfc302bea5db33fbde03cd4ec5f730e70fa2d2969878a09091923c0ab018032bd7a4527e4391520f34a5be8eeaaf5d195aeec7aafa36ebfff6e28fa45f39fc404be2411816c3f8f36fb2517a1b88becf55546b2df6a9dab06b16d32b21c783eb3ff7ea46529969b7cae5857fb16b246875013c82c4911fd73b79497445451e37843032a3aaaf4200cecbb0ac96915d4fdb163db101c9f24bfdab4914634e07387ebcc59f1947c3a988e3421794ac9176d63d82ef1ff1c4a19f7d71fc31711892e8b5b963f4b59f6ba3ae12bf9f16f125bdb9733c5f4d8a3892e7108d59b1c057fb5022a5cfee8edc53d7948df36c32b3ce61f65aa94ee7e7b8f62dbe26685ad9ef1dde0f9a7a5cc81def09857cdc664e2b2a3c3745d3cdccf97084a4f682cea39d5a2f8229384d487f14c646b981a3b2b01fc13492091df5ee05dda65847644b7a370850f8b69e5f90fec8669ba133a36889623a2cb80b5c46d169b22d6a93f9bbaa861e3564fe703dcfc47fbdc97a8758062558ba120a51ddec0b49b7fa0e69a0178f8e3ad1fc5cb47a268ab933805270cb9c5bd47e71a8781d55d9f31bfa188501ca6ee74c800532b19f1b84887e4368f0a75bb51d7929d9bb32baf35c2df3fa06b59d77281d5df90435a4aef0866e7004d07054524ff59f502ce6879348dabde574e69399be694d5fd8be2a397fdbfc05b80e09a2c35dc80ba8701c0bc4787f80bcf361ca2d90005e158be15c94ac7a57e3f5ac45f14f45e3a60012d5bd1f5a65bf957d1180d6ac7dc0162e91a04de58a20a2b4efe7b56cd54579df27e2a34c4b3d97af69e14a9c450ad8eb47d1d3fd602fa7e036b9ac56c4fb7f27c741f2676a47071660b3e96013202eaa5d52a39c8d411f96d6f58f027ad97598c1f4522caa8568ea0c223ff69c7af6f81413695767c289c526d0f33f441f86c4b574cb34b1e3b21ecd72e15bc9987061b1eb4f6df02fc117c2fdec1c06ddc0e20874bd3a5337faf51ed4430e5f3ae32517c5a3f437887a2f96ff59d643787be9cd280b9fa3a87b1f96521dc04ffcc378e5e223f0fb9676b085e5bb1597733b0c3171fe97c1a5d256cc4b4b410b233c1cad829ab5016fdbe5266bcd0e715a47fdf9ee7c6134bbd8aa4cb094fe57a3461603fb7ad8cda11ee2074a13bebc0a1ac8eee89c9e072fef9042cb3a8d006239e612dab10543a6e7e597509940c90330404620c1f1dc6fc9213dfed79b6049775b8d166d1ca4a18cdbe42cad5ae4b816b17900f0fdcc106b57e41f74a3c8c093f63b73a572eede187107021045d342d33e5d608da05fb8ba40638560f107aaba27f859dc5596ec106a2a2ab8b3c47cc5dbf4aba6faf40f652615323abce0859b8a5d8fccc460abf10d006fb2301aa8f1dd348065ba84c6c34b2cf3b4d3fdce31ae692098d73bfe7df9913fcb3a1528f0df72fe6725bb697ec3318b186db4b2f8c48b75d9ef3f1d5aefcff6250673c516994aa07da16b9fe703038364d14415093783685f8132a40f2bf94150e42a3e2bd95eddb8604db434b8a1709772967b345347c9e5a15715399254a0934635717f45aa8a5931c13607b2132751f85655e48cd4f39a18d5d11c0f138c44ba41605c4d19ad71d2dc391f9e5bbbd82a1bfae7a852c7e67a1e6fc45a3e998b4ae942a0bbd9dfc0f0b0858e8153529e564fab2e1a10305deed00799f1fa10dc24ed86d28168eac0469c9e03701e148acbd3f327222d9748343b13a63b1ba535b496561e5d7eb0bc774ac896fe2f3f654eaa11a106f09dd7cd7d0d8be91c1f32f8f38392e62235544abaed1d4a6b739a94d28689a1cac16b58557d8141c01da81e4b7595003849b02c26391278c31305844156eb2e5fed95b529e6ce7d035c5aa849bfffd65f8f070229adc4a67e1702a0e1edb610bb82ceb3f6c465ba9d5d862fe5d28866c54661a647296c05de9fe19f6a728e2dc845405ba19d1c2d1de035c2539d52de7b5154cfd3ad7c69bfa78a9c5e88765f4894863f73fa1c26e86e79953535c2d590ee66eda90dff072679268bad2329b2968be40396986b25d2ed92685980ec743bd122395e9928d6f0d1ab3d6e64e25f98d60765e8297ae79dcb6e6e83eaa5a0231d951444a66b8a5a9048fe742a4c59d12322aa55623a9d01408539917e4ffe667e3e3786384eef6f7c1139a3adab8a40ff8aeb37cb58477424265f1198627e4c70bb5f67baa39774fad989a4e7fff38f050d10d8184613e77543202d333420aec4a8197bec31fa71b73057767b6d68f7f8664301a6a755e5495118c8d1cc280e23a7891d75879645b6cb3ae2dd9613db9f35a1c4a1183cfc03a65564810bd8cd45e6acfa88a11fb182b279d85cd5d647dad28773e3d876ab108cb5da8961d53c01f4d3f4a8b2be9780e110106a890a9f7590bd03e2a054a7bac05cfd2d68d43cf0bca63a9d4a7e4c23e5e9bd3e0cc067d6e9f70b7ba93b63348ced9dcab2fb0c09a8e49e07c7d5a375f689696a92f7680998b4830901aa24e6db314114e526399214d330e3e48def9f96d4e5c0985f2fc46d0e3e1f2948ff4ca1fec0752f14750045278a3a3b775bfeeff95238bb8f1694a4f7730df6bf3ca9ae70dfc3447ea34c7c57d86f1776534dc4ee31ce3a25bd8692252707d64e1aa3b023db0862909e4c4320311ef012c880de249f527397ea7a7bfd079eb747b4edd517b077decf5c8ccc5cdbd619db4f0188e8ac50af6ac663fb1092c806a47c0b2afc38d73335654edcfb343789568dadb06ea3909a1d570ab5eb985962501c1dafc6e299d14e50011cd7e66fe87ef389592ace8b5a31197d4b5e4457cb675f82e63887101c8811bca5bda487e569e3edd0ea75142afb8f93481cdebb2daf441c0b2cbf2c4022e6cef742c2831027244b7189546ac77bb21d96aa6b9b08b67a8207ef55d135d43051fecca867f51919aa891063a2d5c7ea7d652d500422d842ca6d73e3f7d9dfadaca9e99edf98505084a8239a2c1c15a2c6f7d2ba120c18b6d886556c80cca1a4fcbe185d75f745cb2cdd53d18693a28f28377aec89656536eedfefbd01d1bf08a5dae3b7aa352b418e7679feb06a6ed56a9ca57421ea01509322b51be0705e2f6f7c77fcc4c3775bad63a077a6402a2dcb92dda2db8d6fa0dec6794070b8a840ff94d3601ff0a806e75891a479acadee86a3e078feabe5819adfbdabda642877002945e6e5777de911fcbf945de66462e44319a17dfe907970a3aa74d7e967fd84673cc4917ac42f252d1c964837e098778bfa2562d7b8e1e4a76fb6bd3e046b6fc4d048b51a55da606cc52d62919daa19480a4851a3584da69726db169ee2d19261043518dac64e3953d7de75ef41e946602df29f89bc362cb6e9387f5255a7b69927b59ea0fcb84cad6c1605e0fc65120afd3787bef6926c2a9dc9009a09a2d54fc2b52700c16326e831277891e854ad9d4df1ad6a71d5f0fe563d422e0eba51c274148c983d4e1581538355062de5c194a47ed312de1a0cd13fa9d937de7670ecc3fc92ee56ef7e0365ccb307a222bcfc9b711866a496dbfe080882490939bae27eb792dafbe609828b0d5b442a8b7210bc0eed89f489140d3597c7924bb23fdf78502ad48b3e29df463b0ef44171b36fff9627e296e2dfec10b5689688e2b54e72690de0cb423a0f75fa11ef5881b6cd0828141d79d8c198f4d54aeaa35950d7ed922dba87461e910d3b05112e7519ae40c062c81fe35a6512041e98d50fe08822b003c6ae07a8b50b53fffa05733d6105c3be551a7fbf3c023d4bd9104e64dfb2642da0d7a11b7d8e409fc884860803a0c7d700438bd199cb2900573e94fe963b2d89febbf67d1398825958d0d5b1237c8721a44e15d56bedd450f6aa2aa3daf21a7619dd0af75fa2c53c7bc606aeebd84d61f72545ce6dc0669d730f48fc9fb446a744a7320d55fcb873f01e73d55f57a0a1942b8e09be9d6c7eb9749908e90d80d264e5a1ecb484dcd7f2bf17441d8154de9a746a04a21fb6f4b635400686d01e86cfe97e3a7090896115840e8595c77015f2626621f8bb505f396659aafcb4ee9f91078ad5802d51bcae4d879d69786b90be33f8e9c905e4246d0eb2dc5673d13b27f8441076fc5a3bff314d9bdaad8588bba892af186cc992036674380ea9bbdd142f7aeb856a64cfe8832a966e27040885ee7e394259a4de819917e70d38b8a29e4f7cdea9774119414085f52b89dbb74635e7ad664b17d5af00876ed9d91a271d5c9bc24181f2b44c5cbd34a01279d86cab4a359529a360461e9c5670a0004e225b4b2d009439f785c8bce64a9161b1191a973163923fe782ab70354a73e338dfe2400f5c42f372ac9e362eac68e193b07ff1732c5e5e13b6683003081914423489f26d696ed2be96d9f13ca1f7e8842a66c47d437913d36b4e3ff0034d5a4a10d96ce8ac0616948ac4d96a660aa177931a1b980b18f5e308618c6716b9a33f1bfc5dd7300413d865dfc122dbec9ab4d109d730202b64f1c3e1e69c0d44bb6554fde3a124137db8eb851d414136bdd956ecf113df5bb44e7342d302840054be90cc0c0f467d5eb60df7b3c627ce9a80c181a9e2f1ad96daef51200d17db8ca2654ede9cb9ba4b12da233de8749d976f429d1cd7c57fccccc59bc09ce7053f1ab00ec6c7c3d5c86be5cc279ff738780091ae2de5f9299490361ac65321781a606c1097abc9e5ec97b7575d93b2d2948786f4b8abfd3192ea1dd6411021c7defa70bb775116f19ad9dabd161cdb557b0c6879585f2ed00c45cedfd691f1e89e2c2c5d731a7afced04f2df249e47a3efee759ee32a861984cf0923ccc278e7dd065d3507d01de7efe7a31fa6aae96a973db3850100f6e7f8ca0da6e548f2fa736a9d504448c1aa8d7a76d1677c647e59aec8ba1fdb5d7472b61f442f19f52fd64fe0e1c272403117639bfbdf3c7aef9012f288b6d5142aa2ccc5c0d40939f909c27906911fde4ce8960c3cecfbbb9c6448"}, &(0x7f0000000040)=0x1024)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRES32=r1], 0x2)

03:39:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22eb01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:10 executing program 1 (fault-call:3 fault-nth:66):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:10 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x100000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:10 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14)

[  384.684575][T17137] FAULT_INJECTION: forcing a failure.
[  384.684575][T17137] name failslab, interval 1, probability 0, space 0, times 0
[  384.712382][T17137] CPU: 0 PID: 17137 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  384.720411][T17137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  384.720424][T17137] Call Trace:
03:39:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ec01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  384.733809][T17137]  dump_stack+0x172/0x1f0
[  384.738171][T17137]  should_fail.cold+0xa/0x15
[  384.742819][T17137]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  384.748671][T17137]  ? ___might_sleep+0x163/0x280
[  384.748693][T17137]  __should_failslab+0x121/0x190
[  384.748712][T17137]  should_failslab+0x9/0x14
[  384.762992][T17137]  kmem_cache_alloc+0x2b2/0x6f0
[  384.767852][T17137]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  384.767879][T17137]  ? __vm_enough_memory+0x320/0x5a0
[  384.767905][T17137]  vm_area_dup+0x21/0x170
03:39:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ed01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  384.767922][T17137]  copy_process.part.0+0x3431/0x7980
[  384.767970][T17137]  ? __cleanup_sighand+0x60/0x60
[  384.783202][T17137]  ? lock_downgrade+0x880/0x880
[  384.783229][T17137]  ? kasan_check_write+0x14/0x20
[  384.783247][T17137]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  384.783270][T17137]  _do_fork+0x257/0xfd0
[  384.783299][T17137]  ? fork_idle+0x1d0/0x1d0
[  384.817395][T17137]  ? fput+0x1b/0x20
[  384.821224][T17137]  ? ksys_write+0x166/0x1f0
[  384.825741][T17137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  384.831216][T17137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  384.836687][T17137]  ? do_syscall_64+0x26/0x610
[  384.841372][T17137]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.841388][T17137]  ? do_syscall_64+0x26/0x610
[  384.841411][T17137]  __x64_sys_clone+0xbf/0x150
[  384.841440][T17137]  do_syscall_64+0x103/0x610
[  384.841460][T17137]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.841481][T17137] RIP: 0033:0x4582b9
03:39:11 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  384.852222][T17137] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.852230][T17137] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  384.852245][T17137] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  384.852254][T17137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  384.852263][T17137] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  384.852272][T17137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:39:11 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0xe00, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  384.852280][T17137] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:11 executing program 5:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:11 executing program 1 (fault-call:3 fault-nth:67):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ee01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:11 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x200000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:11 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0xffffffffffffffff, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

03:39:11 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f00, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:11 executing program 4:
r0 = memfd_create(&(0x7f0000000140)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\x94a\xac', 0x0)
write$binfmt_misc(r0, &(0x7f0000000540)=ANY=[@ANYRES32], 0xfffffda2)
fcntl$addseals(r0, 0x409, 0x0)

[  385.574601][T17175] FAULT_INJECTION: forcing a failure.
[  385.574601][T17175] name failslab, interval 1, probability 0, space 0, times 0
[  385.618177][T17175] CPU: 1 PID: 17175 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  385.626216][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  385.637148][T17175] Call Trace:
[  385.640470][T17175]  dump_stack+0x172/0x1f0
[  385.644825][T17175]  should_fail.cold+0xa/0x15
[  385.649467][T17175]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  385.655289][T17175]  ? find_held_lock+0x35/0x130
[  385.660065][T17175]  ? percpu_ref_put_many+0x94/0x190
[  385.665285][T17175]  __should_failslab+0x121/0x190
[  385.670246][T17175]  should_failslab+0x9/0x14
[  385.674853][T17175]  kmem_cache_alloc+0x47/0x6f0
[  385.679656][T17175]  anon_vma_clone+0xde/0x480
[  385.684271][T17175]  anon_vma_fork+0x8f/0x4a0
[  385.688789][T17175]  ? dup_userfaultfd+0x15e/0x6d0
[  385.693736][T17175]  ? memcpy+0x46/0x50
[  385.697737][T17175]  copy_process.part.0+0x350f/0x7980
[  385.703095][T17175]  ? __cleanup_sighand+0x60/0x60
[  385.708047][T17175]  ? lock_downgrade+0x880/0x880
[  385.712944][T17175]  ? kasan_check_write+0x14/0x20
03:39:11 executing program 5:
r0 = socket$inet6(0xa, 0x7ffff, 0xffffffffffffffff)
r1 = semget$private(0x0, 0x1, 0x200)
semctl$IPC_INFO(r1, 0x0, 0x3, &(0x7f00000001c0)=""/173)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r2 = syz_open_dev$sndtimer(&(0x7f00000000c0)='/dev/snd/timer\x00', 0x0, 0x0)
r3 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x300000004, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r3, 0x80045700, &(0x7f0000000080))
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)={0x0, @aes256})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000a80000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000b581000000000000ec00000000000000000000000000000000000000000000000000000000000000000000000000000077c8b4ff0000000000000000000000fc447c4784afd970af85cb3a9ee9b25b03339a145ad7ed540a0eb9ac3e096b5f29e56643132047bb277e019d049f71cd9eb57a1db73e6cd34c618e5ce331104f56cdd2f211af90cfd5aa693e4b"], 0x1)
ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, &(0x7f0000000280)="db7f9ed062cd87c1d57ef8c8b5c26bc9bec86a8834a2cbe27309fc7bf8ae962497a66969fc79cd8a35141fc52862f6f61e2fac0f4f5fe6da280308ab87e2b0f6d3aedbcc5037b14a433eac78f2d8fa3f7702b8452d9a2109863b37d4968f9c834f08d19990d069fcf678c2f723f2b62f18aa9e91143d8d877f1ec241b8c3dc0272319c97f8f17e83f4153127f2c927cd689f94af74f076b942f494bfd5273ad3053c3c5000f97d79f9bcac7a0677f1e862b550596c83b4e2432537ad1f160bc035dc354c95999f8288f8feacd4dde7993db205c8de7058bd99519bc70df6c741a7b262c38961ab710064aa06b05073410953eb49fca1be25c955d66366f0fe04")

[  385.717904][T17175]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  385.723479][T17175]  _do_fork+0x257/0xfd0
[  385.727654][T17175]  ? fork_idle+0x1d0/0x1d0
[  385.732093][T17175]  ? fput+0x1b/0x20
[  385.735997][T17175]  ? ksys_write+0x166/0x1f0
[  385.742046][T17175]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  385.742064][T17175]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  385.742080][T17175]  ? do_syscall_64+0x26/0x610
[  385.742096][T17175]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  385.742110][T17175]  ? do_syscall_64+0x26/0x610
[  385.742129][T17175]  __x64_sys_clone+0xbf/0x150
[  385.742148][T17175]  do_syscall_64+0x103/0x610
[  385.742169][T17175]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  385.753095][T17175] RIP: 0033:0x4582b9
[  385.753111][T17175] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  385.753119][T17175] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:39:11 executing program 1 (fault-call:3 fault-nth:68):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22ef01001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  385.753134][T17175] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  385.753142][T17175] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  385.753151][T17175] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  385.753160][T17175] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  385.753168][T17175] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:12 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:12 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x300000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  385.904430][T17195] FAULT_INJECTION: forcing a failure.
[  385.904430][T17195] name failslab, interval 1, probability 0, space 0, times 0
[  385.962666][T17195] CPU: 0 PID: 17195 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  385.970688][T17195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  385.980760][T17195] Call Trace:
[  385.984085][T17195]  dump_stack+0x172/0x1f0
[  385.988448][T17195]  should_fail.cold+0xa/0x15
[  385.993085][T17195]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  385.998920][T17195]  ? ___might_sleep+0x163/0x280
[  386.003918][T17195]  __should_failslab+0x121/0x190
03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22f001001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  386.008892][T17195]  should_failslab+0x9/0x14
[  386.013421][T17195]  kmem_cache_alloc+0x2b2/0x6f0
[  386.018289][T17195]  ? anon_vma_clone+0x320/0x480
[  386.023156][T17195]  anon_vma_fork+0xfc/0x4a0
[  386.027676][T17195]  ? dup_userfaultfd+0x15e/0x6d0
[  386.032620][T17195]  ? memcpy+0x46/0x50
[  386.032644][T17195]  copy_process.part.0+0x350f/0x7980
[  386.032687][T17195]  ? __cleanup_sighand+0x60/0x60
[  386.032702][T17195]  ? lock_downgrade+0x880/0x880
[  386.032726][T17195]  ? kasan_check_write+0x14/0x20
[  386.032743][T17195]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  386.032763][T17195]  _do_fork+0x257/0xfd0
[  386.032783][T17195]  ? fork_idle+0x1d0/0x1d0
[  386.032798][T17195]  ? fput+0x1b/0x20
[  386.032820][T17195]  ? ksys_write+0x166/0x1f0
[  386.047023][T17195]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  386.084775][T17195]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  386.090258][T17195]  ? do_syscall_64+0x26/0x610
[  386.094981][T17195]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.101082][T17195]  ? do_syscall_64+0x26/0x610
[  386.105782][T17195]  __x64_sys_clone+0xbf/0x150
03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220102001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  386.110481][T17195]  do_syscall_64+0x103/0x610
[  386.115093][T17195]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.121004][T17195] RIP: 0033:0x4582b9
[  386.124920][T17195] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  386.144558][T17195] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.152996][T17195] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:39:12 executing program 5:
r0 = dup(0xffffffffffffff9c)
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000000))
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  386.161004][T17195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  386.169079][T17195] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  386.177075][T17195] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  386.185087][T17195] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220003001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:12 executing program 5:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r0, @ANYPTR64, @ANYRES32=0x0, @ANYRES64=0x0, @ANYRES64=r0], 0x5)
prctl$PR_SET_FPEXC(0xc, 0x10000)

03:39:12 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x400000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:12 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0)
mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000000)=<r3=>0x0)
fcntl$setown(r0, 0x8, r3)
r4 = syz_open_procfs(0x0, &(0x7f0000000380)='oom_score\x00')
preadv(r4, &(0x7f0000000480), 0x1000000000000237, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x0)
r5 = open(0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
read$FUSE(r5, 0x0, 0x0)
setxattr$security_smack_transmute(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0)='security.SMACK64TRANSMUTE\x00', 0x0, 0x0, 0x1)

03:39:12 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220103001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:12 executing program 5:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r0, 0x200001fff)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f000055bfe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x4000000000000054}, 0x98)

03:39:12 executing program 1 (fault-call:3 fault-nth:69):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:12 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x500000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220005001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  386.642397][T17251] FAULT_INJECTION: forcing a failure.
[  386.642397][T17251] name failslab, interval 1, probability 0, space 0, times 0
[  386.676361][T17251] CPU: 1 PID: 17251 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  386.685483][T17251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  386.696303][T17251] Call Trace:
[  386.699629][T17251]  dump_stack+0x172/0x1f0
[  386.704291][T17251]  should_fail.cold+0xa/0x15
[  386.709180][T17251]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  386.715456][T17251]  ? ___might_sleep+0x163/0x280
[  386.720756][T17251]  __should_failslab+0x121/0x190
[  386.726843][T17251]  should_failslab+0x9/0x14
[  386.726859][T17251]  kmem_cache_alloc+0x2b2/0x6f0
[  386.726914][T17251]  ? anon_vma_clone+0x320/0x480
[  386.726936][T17251]  anon_vma_fork+0x1ea/0x4a0
[  386.726951][T17251]  ? dup_userfaultfd+0x15e/0x6d0
[  386.726975][T17251]  copy_process.part.0+0x350f/0x7980
[  386.758111][T17251]  ? __cleanup_sighand+0x60/0x60
[  386.763759][T17251]  ? lock_downgrade+0x880/0x880
[  386.769262][T17251]  ? kasan_check_write+0x14/0x20
[  386.774634][T17251]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  386.780509][T17251]  _do_fork+0x257/0xfd0
[  386.784695][T17251]  ? fork_idle+0x1d0/0x1d0
[  386.789138][T17251]  ? fput+0x1b/0x20
[  386.793318][T17251]  ? ksys_write+0x166/0x1f0
[  386.797867][T17251]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  386.803936][T17251]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  386.809769][T17251]  ? do_syscall_64+0x26/0x610
[  386.814655][T17251]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.821002][T17251]  ? do_syscall_64+0x26/0x610
[  386.825962][T17251]  __x64_sys_clone+0xbf/0x150
[  386.831120][T17251]  do_syscall_64+0x103/0x610
[  386.836126][T17251]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.842163][T17251] RIP: 0033:0x4582b9
[  386.846254][T17251] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  386.866836][T17251] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.876035][T17251] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  386.884986][T17251] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:12 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:12 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220105001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:12 executing program 5:
r0 = memfd_create(&(0x7f0000000140)='\vE\xf4\x97\xac#*\xffp\t\xfc]\x83\xdb\xeb\xe2.\xa2\xd4pu\x81=\xa1\xabf\xe7\x8a\xba@\xd43\xf1A\x87\xdb\xb9\x9eX \xc6\xfe\xf3\x1a\x9fnj\x03.\x19S\xb1\xccn\x13\x81,\xd4\xcdt>E\x181%\x1d\\\xed\xbc\xf4\x17\xf0!\xd1\x06\xd7l\xc7lhz&\"@80\x98(\xeb\x1d(&0\x81&\xcf\x13k+\x17j;\xae\x1c\xb0j\xe8\x982\xb4\xee\x00'/127, 0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x6, 0x10, r0, 0x0)

03:39:13 executing program 4:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x94}], 0x1, 0x0)
mincore(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000000)=<r3=>0x0)
fcntl$setown(r0, 0x8, r3)
r4 = syz_open_procfs(0x0, &(0x7f0000000380)='oom_score\x00')
preadv(r4, &(0x7f0000000480), 0x1000000000000237, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x0)
r5 = open(0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
read$FUSE(r5, 0x0, 0x0)
setxattr$security_smack_transmute(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0)='security.SMACK64TRANSMUTE\x00', 0x0, 0x0, 0x1)

[  386.893480][T17251] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  386.902055][T17251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  386.910301][T17251] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220006001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:13 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x700000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:13 executing program 1 (fault-call:3 fault-nth:70):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:13 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  387.209427][T17275] FAULT_INJECTION: forcing a failure.
[  387.209427][T17275] name failslab, interval 1, probability 0, space 0, times 0
[  387.227342][T17275] CPU: 1 PID: 17275 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  387.235578][T17275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  387.246404][T17275] Call Trace:
[  387.250222][T17275]  dump_stack+0x172/0x1f0
[  387.250252][T17275]  should_fail.cold+0xa/0x15
[  387.259511][T17275]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  387.259533][T17275]  ? ___might_sleep+0x163/0x280
[  387.259553][T17275]  __should_failslab+0x121/0x190
[  387.259572][T17275]  should_failslab+0x9/0x14
[  387.280227][T17275]  kmem_cache_alloc+0x2b2/0x6f0
[  387.285837][T17275]  ? validate_mm_rb+0xa3/0xc0
[  387.290601][T17275]  vm_area_dup+0x21/0x170
[  387.294963][T17275]  copy_process.part.0+0x3431/0x7980
[  387.300357][T17275]  ? __cleanup_sighand+0x60/0x60
[  387.305496][T17275]  ? lock_downgrade+0x880/0x880
[  387.310546][T17275]  ? kasan_check_write+0x14/0x20
[  387.315762][T17275]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  387.321793][T17275]  _do_fork+0x257/0xfd0
[  387.326402][T17275]  ? fork_idle+0x1d0/0x1d0
[  387.326417][T17275]  ? fput+0x1b/0x20
[  387.326448][T17275]  ? ksys_write+0x166/0x1f0
[  387.335613][T17275]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  387.335628][T17275]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  387.335643][T17275]  ? do_syscall_64+0x26/0x610
03:39:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220106001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220007001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220107001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  387.335658][T17275]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.335672][T17275]  ? do_syscall_64+0x26/0x610
[  387.335692][T17275]  __x64_sys_clone+0xbf/0x150
[  387.335713][T17275]  do_syscall_64+0x103/0x610
[  387.377141][T17275]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.383341][T17275] RIP: 0033:0x4582b9
[  387.387438][T17275] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:13 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
clock_gettime(0x0, 0x0)
openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
r1 = open$dir(&(0x7f0000000180)='./file0\x00', 0x4040c0, 0x0)
dup2(r0, r1)
write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0xfffffffffffffe0d)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc)

03:39:13 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x100, 0x0)

03:39:13 executing program 4:
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x2, 0x0)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000080)=0x1)
ioctl$VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f0000000040)={0x1f, 0x5c317376, 0x1, @discrete={0x1, 0x9}})
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000d4b000)=ANY=[@ANYBLOB="00000000000000000a00000000000000ff010000000000000000000000001b0100000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000"], 0x1)

[  387.408134][T17275] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  387.408149][T17275] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  387.408157][T17275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  387.408164][T17275] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  387.408172][T17275] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  387.408180][T17275] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:13 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220108001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:13 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x500000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:13 executing program 1 (fault-call:3 fault-nth:71):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  387.670496][T17309] FAULT_INJECTION: forcing a failure.
[  387.670496][T17309] name failslab, interval 1, probability 0, space 0, times 0
[  387.684601][T17309] CPU: 1 PID: 17309 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  387.692643][T17309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  387.703196][T17309] Call Trace:
[  387.706827][T17309]  dump_stack+0x172/0x1f0
[  387.711497][T17309]  should_fail.cold+0xa/0x15
[  387.716798][T17309]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  387.724408][T17309]  ? ___might_sleep+0x163/0x280
[  387.729749][T17309]  __should_failslab+0x121/0x190
[  387.735015][T17309]  should_failslab+0x9/0x14
[  387.741058][T17309]  kmem_cache_alloc+0x2b2/0x6f0
[  387.746665][T17309]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  387.752952][T17309]  ? __vm_enough_memory+0x320/0x5a0
[  387.759649][T17309]  vm_area_dup+0x21/0x170
[  387.764024][T17309]  copy_process.part.0+0x3431/0x7980
[  387.770083][T17309]  ? __cleanup_sighand+0x60/0x60
[  387.775289][T17309]  ? lock_downgrade+0x880/0x880
[  387.780743][T17309]  ? kasan_check_write+0x14/0x20
[  387.785843][T17309]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  387.792155][T17309]  _do_fork+0x257/0xfd0
[  387.796533][T17309]  ? fork_idle+0x1d0/0x1d0
[  387.801477][T17309]  ? fput+0x1b/0x20
[  387.806034][T17309]  ? ksys_write+0x166/0x1f0
[  387.810558][T17309]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  387.816635][T17309]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  387.822790][T17309]  ? do_syscall_64+0x26/0x610
[  387.828789][T17309]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.835414][T17309]  ? do_syscall_64+0x26/0x610
[  387.840941][T17309]  __x64_sys_clone+0xbf/0x150
[  387.845718][T17309]  do_syscall_64+0x103/0x610
[  387.850599][T17309]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.856782][T17309] RIP: 0033:0x4582b9
[  387.860865][T17309] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  387.882333][T17309] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  387.892681][T17309] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  387.901301][T17309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  387.909632][T17309] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  387.918620][T17309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  387.927577][T17309] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:14 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x800000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:14 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:14 executing program 5:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220009001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:14 executing program 1 (fault-call:3 fault-nth:72):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:14 executing program 4 (fault-call:2 fault-nth:0):
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  388.117132][T17318] FAULT_INJECTION: forcing a failure.
[  388.117132][T17318] name failslab, interval 1, probability 0, space 0, times 0
[  388.119802][T17328] FAULT_INJECTION: forcing a failure.
[  388.119802][T17328] name failslab, interval 1, probability 0, space 0, times 0
[  388.149614][T17328] CPU: 0 PID: 17328 Comm: syz-executor.4 Not tainted 5.1.0-rc3+ #55
[  388.158411][T17328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  388.168834][T17328] Call Trace:
[  388.168860][T17328]  dump_stack+0x172/0x1f0
[  388.176963][T17328]  should_fail.cold+0xa/0x15
[  388.181818][T17328]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  388.188038][T17328]  ? ___might_sleep+0x163/0x280
[  388.188058][T17328]  __should_failslab+0x121/0x190
[  388.188075][T17328]  should_failslab+0x9/0x14
[  388.188091][T17328]  kmem_cache_alloc+0x2b2/0x6f0
[  388.188109][T17328]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  388.188131][T17328]  ? _copy_from_user+0xdd/0x150
[  388.220856][T17328]  io_submit_one+0x10e/0x2f90
[  388.225955][T17328]  ? __might_fault+0x12b/0x1e0
[  388.231453][T17328]  ? find_held_lock+0x35/0x130
[  388.236985][T17328]  ? ioctx_alloc+0x1db0/0x1db0
[  388.242186][T17328]  ? __might_fault+0x12b/0x1e0
[  388.247295][T17328]  __x64_sys_io_submit+0x1bd/0x580
[  388.252799][T17328]  ? __x64_sys_io_submit+0x1bd/0x580
[  388.258381][T17328]  ? __ia32_sys_io_destroy+0x420/0x420
[  388.264073][T17328]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  388.269736][T17328]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  388.275549][T17328]  ? do_syscall_64+0x26/0x610
[  388.280778][T17328]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.287439][T17328]  ? do_syscall_64+0x26/0x610
[  388.292362][T17328]  ? lockdep_hardirqs_on+0x418/0x5d0
[  388.298054][T17328]  do_syscall_64+0x103/0x610
[  388.302933][T17328]  ? __ia32_sys_io_destroy+0x420/0x420
[  388.308518][T17328]  ? do_syscall_64+0x103/0x610
[  388.313340][T17328]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.319562][T17328] RIP: 0033:0x4582b9
[  388.323747][T17328] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  388.344138][T17328] RSP: 002b:00007f7e5296ac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[  388.353025][T17328] RAX: ffffffffffffffda RBX: 00007f7e5296ac90 RCX: 00000000004582b9
03:39:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220109001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  388.361529][T17328] RDX: 0000000020001700 RSI: 0000000000000001 RDI: 00007f7e5294a000
[  388.369801][T17328] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  388.378291][T17328] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7e5296b6d4
[  388.386613][T17328] R13: 00000000004bf420 R14: 00000000004d11a8 R15: 0000000000000005
[  388.410783][T17318] CPU: 1 PID: 17318 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  388.419179][T17318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  388.429433][T17318] Call Trace:
[  388.433129][T17318]  dump_stack+0x172/0x1f0
[  388.437591][T17318]  should_fail.cold+0xa/0x15
[  388.442501][T17318]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  388.448551][T17318]  ? find_held_lock+0x35/0x130
[  388.453525][T17318]  ? percpu_ref_put_many+0x94/0x190
[  388.458848][T17318]  __should_failslab+0x121/0x190
[  388.464314][T17318]  should_failslab+0x9/0x14
[  388.469147][T17318]  kmem_cache_alloc+0x47/0x6f0
[  388.474457][T17318]  anon_vma_clone+0xde/0x480
[  388.479167][T17318]  anon_vma_fork+0x8f/0x4a0
[  388.483780][T17318]  ? dup_userfaultfd+0x15e/0x6d0
[  388.489121][T17318]  ? memcpy+0x46/0x50
[  388.493244][T17318]  copy_process.part.0+0x350f/0x7980
[  388.499129][T17318]  ? __cleanup_sighand+0x60/0x60
[  388.504188][T17318]  ? lock_downgrade+0x880/0x880
[  388.509526][T17318]  ? kasan_check_write+0x14/0x20
[  388.514520][T17318]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  388.520102][T17318]  _do_fork+0x257/0xfd0
[  388.525331][T17318]  ? fork_idle+0x1d0/0x1d0
[  388.530614][T17318]  ? fput+0x1b/0x20
[  388.534726][T17318]  ? ksys_write+0x166/0x1f0
[  388.540055][T17318]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  388.545657][T17318]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  388.554363][T17318]  ? do_syscall_64+0x26/0x610
[  388.560259][T17318]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.567753][T17318]  ? do_syscall_64+0x26/0x610
[  388.572811][T17318]  __x64_sys_clone+0xbf/0x150
[  388.578329][T17318]  do_syscall_64+0x103/0x610
[  388.583290][T17318]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.589536][T17318] RIP: 0033:0x4582b9
[  388.593831][T17318] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  388.615076][T17318] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  388.624191][T17318] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  388.632737][T17318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  388.640952][T17318] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  388.649412][T17318] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  388.658490][T17318] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:14 executing program 5:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:14 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:14 executing program 1 (fault-call:3 fault-nth:73):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:15 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:15 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  388.985844][T17353] FAULT_INJECTION: forcing a failure.
[  388.985844][T17353] name failslab, interval 1, probability 0, space 0, times 0
[  389.028404][T17353] CPU: 1 PID: 17353 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  389.037355][T17353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.049450][T17353] Call Trace:
[  389.053341][T17353]  dump_stack+0x172/0x1f0
[  389.058150][T17353]  should_fail.cold+0xa/0x15
[  389.063155][T17353]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  389.069492][T17353]  ? __sched_text_start+0x8/0x8
[  389.074646][T17353]  ? percpu_ref_put_many+0x94/0x190
[  389.080227][T17353]  __should_failslab+0x121/0x190
[  389.085383][T17353]  should_failslab+0x9/0x14
[  389.090044][T17353]  kmem_cache_alloc+0x47/0x6f0
[  389.095360][T17353]  anon_vma_clone+0xde/0x480
[  389.100213][T17353]  anon_vma_fork+0x8f/0x4a0
[  389.104864][T17353]  ? dup_userfaultfd+0x15e/0x6d0
[  389.110318][T17353]  ? memcpy+0x46/0x50
[  389.114783][T17353]  copy_process.part.0+0x350f/0x7980
[  389.120216][T17353]  ? __cleanup_sighand+0x60/0x60
[  389.125423][T17353]  ? lock_downgrade+0x880/0x880
[  389.131026][T17353]  ? kasan_check_write+0x14/0x20
[  389.136507][T17353]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  389.142669][T17353]  _do_fork+0x257/0xfd0
[  389.147598][T17353]  ? fork_idle+0x1d0/0x1d0
[  389.152281][T17353]  ? fput+0x1b/0x20
[  389.156586][T17353]  ? ksys_write+0x166/0x1f0
[  389.161627][T17353]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  389.167944][T17353]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  389.174141][T17353]  ? do_syscall_64+0x26/0x610
[  389.179004][T17353]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  389.185356][T17353]  ? do_syscall_64+0x26/0x610
[  389.190634][T17353]  __x64_sys_clone+0xbf/0x150
[  389.195653][T17353]  do_syscall_64+0x103/0x610
[  389.200814][T17353]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  389.207243][T17353] RIP: 0033:0x4582b9
[  389.211263][T17353] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  389.232333][T17353] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  389.242152][T17353] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  389.251464][T17353] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  389.259947][T17353] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  389.268564][T17353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  389.276976][T17353] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:17 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x8000000000000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:17 executing program 4 (fault-call:2 fault-nth:1):
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:17 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.threads\x00', 0x2, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x8000, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_RESET_STATS(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r3, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7ff}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffffffffffb}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000014}, 0x4804)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)

03:39:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:17 executing program 1 (fault-call:3 fault-nth:74):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:17 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  391.109942][T17371] FAULT_INJECTION: forcing a failure.
[  391.109942][T17371] name failslab, interval 1, probability 0, space 0, times 0
[  391.139934][T17371] CPU: 1 PID: 17371 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  391.148686][T17371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  391.159284][T17371] Call Trace:
[  391.162844][T17371]  dump_stack+0x172/0x1f0
[  391.167502][T17371]  should_fail.cold+0xa/0x15
[  391.172124][T17371]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  391.178455][T17371]  ? ___might_sleep+0x163/0x280
[  391.183357][T17371]  __should_failslab+0x121/0x190
[  391.188572][T17371]  should_failslab+0x9/0x14
[  391.193191][T17371]  kmem_cache_alloc+0x2b2/0x6f0
[  391.198182][T17371]  ? anon_vma_clone+0x320/0x480
[  391.203502][T17371]  anon_vma_fork+0xfc/0x4a0
[  391.208121][T17371]  ? dup_userfaultfd+0x15e/0x6d0
[  391.213092][T17371]  ? memcpy+0x46/0x50
[  391.217109][T17371]  copy_process.part.0+0x350f/0x7980
[  391.223047][T17371]  ? __cleanup_sighand+0x60/0x60
[  391.228321][T17371]  ? lock_downgrade+0x880/0x880
[  391.234099][T17371]  ? kasan_check_write+0x14/0x20
[  391.239151][T17371]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  391.239176][T17371]  _do_fork+0x257/0xfd0
[  391.239197][T17371]  ? fork_idle+0x1d0/0x1d0
[  391.239217][T17371]  ? fput+0x1b/0x20
[  391.257537][T17371]  ? ksys_write+0x166/0x1f0
[  391.262585][T17371]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  391.262601][T17371]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  391.262617][T17371]  ? do_syscall_64+0x26/0x610
[  391.262633][T17371]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  391.262647][T17371]  ? do_syscall_64+0x26/0x610
[  391.262667][T17371]  __x64_sys_clone+0xbf/0x150
[  391.262686][T17371]  do_syscall_64+0x103/0x610
[  391.262703][T17371]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  391.262734][T17371] RIP: 0033:0x4582b9
[  391.310231][T17371] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  391.331534][T17371] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  391.340517][T17371] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  391.349067][T17371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:17 executing program 5:
syz_emit_ethernet(0xffb6, &(0x7f000000a000)=ANY=[@ANYBLOB="ffe0ffffffffffffffffffff08b14500fec300000000002f9078ac14ffbbe000000100006558ca889078"], 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uhid\x00', 0x2, 0x0)

03:39:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:17 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f3188b070")
sendfile(r0, r0, &(0x7f0000000000), 0xf89f)
r1 = socket$isdn(0x22, 0x3, 0x0)
dup3(r0, r1, 0x0)

03:39:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:17 executing program 5:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x20000, 0x0)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000002c0)={&(0x7f0000000100), 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x64, r1, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x50, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x634}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x804)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet6(0xa, 0x6, 0x0)
fsetxattr$trusted_overlay_opaque(r3, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f0000000040)='y\x00', 0x2, 0x1)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r4, 0x0)
dup2(r3, r4)
fcntl$getownex(r4, 0x10, &(0x7f0000000080)={0x0, <r5=>0x0})
ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000140)=r5)

03:39:17 executing program 5:
r0 = socket$inet(0x2, 0x3, 0x2)
r1 = getpgid(0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000080)={0x2, r1})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
socket$inet(0x2, 0x7, 0xfffffffffffffff7)
getsockopt$bt_hci(r2, 0x0, 0x3, &(0x7f0000000440)=""/248, &(0x7f0000000540)=0xf8)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0)
recvmsg$kcm(0xffffffffffffff9c, &(0x7f0000000380)={&(0x7f0000000100)=@can={0x1d, <r5=>0x0}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000180)=""/211, 0xd3}], 0x1, &(0x7f00000002c0)=""/189, 0xbd}, 0x0)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000003c0)={@empty, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, 0x80000001, 0x6, 0x5b50, 0x400, 0x0, 0xc0044, r5})
setsockopt$inet_int(r0, 0x0, 0xca, &(0x7f0000000000)=0x10001, 0x10)

[  391.357405][T17371] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  391.365675][T17371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  391.374081][T17371] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:17 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x2, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:17 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:17 executing program 5:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x10000)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000100)={0x3, r0})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000080)={0x6, r1})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
getuid()
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000005}, 0x8000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_TXQLEN={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

03:39:17 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:17 executing program 1 (fault-call:3 fault-nth:75):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  391.699791][T17420] FAULT_INJECTION: forcing a failure.
[  391.699791][T17420] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  391.714050][T17420] CPU: 1 PID: 17420 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  391.722925][T17420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  391.734843][T17420] Call Trace:
[  391.738292][T17420]  dump_stack+0x172/0x1f0
[  391.745920][T17420]  should_fail.cold+0xa/0x15
[  391.751262][T17420]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  391.757463][T17420]  ? ___might_sleep+0x163/0x280
[  391.763071][T17420]  should_fail_alloc_page+0x50/0x60
[  391.770112][T17420]  __alloc_pages_nodemask+0x1a1/0x7e0
[  391.775926][T17420]  ? find_held_lock+0x35/0x130
[  391.781441][T17420]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  391.787486][T17420]  ? find_held_lock+0x35/0x130
[  391.793836][T17420]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  391.801484][T17420]  alloc_pages_current+0x107/0x210
[  391.807047][T17420]  ? kvm_mmu_notifier_invalidate_range_start+0x1d2/0x280
[  391.814996][T17420]  get_zeroed_page+0x14/0x50
[  391.819707][T17420]  __pud_alloc+0x3b/0x250
[  391.824418][T17420]  pud_alloc+0xde/0x150
[  391.829348][T17420]  copy_page_range+0x375/0x1f90
[  391.834493][T17420]  ? find_held_lock+0x35/0x130
[  391.840048][T17420]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  391.846287][T17420]  ? vma_compute_subtree_gap+0x158/0x230
[  391.852353][T17420]  ? vma_gap_callbacks_rotate+0x62/0x80
[  391.858552][T17420]  ? pmd_alloc+0x180/0x180
[  391.863594][T17420]  ? validate_mm_rb+0xa3/0xc0
[  391.870102][T17420]  ? __vma_link_rb+0x279/0x370
[  391.876387][T17420]  copy_process.part.0+0x568b/0x7980
[  391.882383][T17420]  ? __cleanup_sighand+0x60/0x60
[  391.888176][T17420]  ? lock_downgrade+0x880/0x880
[  391.893644][T17420]  ? kasan_check_write+0x14/0x20
[  391.899050][T17420]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  391.905639][T17420]  _do_fork+0x257/0xfd0
[  391.911250][T17420]  ? fork_idle+0x1d0/0x1d0
[  391.915766][T17420]  ? fput+0x1b/0x20
[  391.919960][T17420]  ? ksys_write+0x166/0x1f0
[  391.925838][T17420]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  391.931572][T17420]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  391.937210][T17420]  ? do_syscall_64+0x26/0x610
[  391.942418][T17420]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  391.949174][T17420]  ? do_syscall_64+0x26/0x610
[  391.954836][T17420]  __x64_sys_clone+0xbf/0x150
[  391.959832][T17420]  do_syscall_64+0x103/0x610
[  391.964843][T17420]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  391.972149][T17420] RIP: 0033:0x4582b9
[  391.976458][T17420] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  391.997783][T17420] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  392.007000][T17420] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  392.015675][T17420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  392.025387][T17420] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  392.033915][T17420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  392.042636][T17420] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:18 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0xe000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:18 executing program 1 (fault-call:3 fault-nth:76):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:18 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:18 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  392.137228][T17414] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
03:39:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  392.245381][T17435] FAULT_INJECTION: forcing a failure.
[  392.245381][T17435] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  392.293031][T17435] CPU: 0 PID: 17435 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  392.301811][T17435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  392.312480][T17435] Call Trace:
[  392.316222][T17435]  dump_stack+0x172/0x1f0
[  392.320721][T17435]  should_fail.cold+0xa/0x15
[  392.325695][T17435]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  392.331833][T17435]  ? ___might_sleep+0x163/0x280
[  392.337064][T17435]  should_fail_alloc_page+0x50/0x60
03:39:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  392.342671][T17435]  __alloc_pages_nodemask+0x1a1/0x7e0
[  392.348769][T17435]  ? find_held_lock+0x35/0x130
[  392.354086][T17435]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  392.359829][T17435]  ? find_held_lock+0x35/0x130
[  392.365271][T17435]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  392.372457][T17435]  alloc_pages_current+0x107/0x210
[  392.378039][T17435]  ? kvm_mmu_notifier_invalidate_range_start+0x1d2/0x280
[  392.385825][T17435]  get_zeroed_page+0x14/0x50
03:39:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  392.391143][T17435]  __pud_alloc+0x3b/0x250
[  392.395936][T17435]  pud_alloc+0xde/0x150
[  392.400373][T17435]  copy_page_range+0x375/0x1f90
[  392.405545][T17435]  ? find_held_lock+0x35/0x130
[  392.410807][T17435]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  392.416731][T17435]  ? vma_compute_subtree_gap+0x158/0x230
[  392.422825][T17435]  ? vma_gap_callbacks_rotate+0x62/0x80
[  392.429025][T17435]  ? pmd_alloc+0x180/0x180
[  392.429043][T17435]  ? validate_mm_rb+0xa3/0xc0
[  392.429059][T17435]  ? __vma_link_rb+0x279/0x370
[  392.429083][T17435]  copy_process.part.0+0x568b/0x7980
[  392.451488][T17435]  ? __cleanup_sighand+0x60/0x60
[  392.451505][T17435]  ? lock_downgrade+0x880/0x880
[  392.451532][T17435]  ? kasan_check_write+0x14/0x20
[  392.451549][T17435]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  392.451570][T17435]  _do_fork+0x257/0xfd0
[  392.451590][T17435]  ? fork_idle+0x1d0/0x1d0
[  392.451604][T17435]  ? fput+0x1b/0x20
03:39:18 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22c00e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  392.451619][T17435]  ? ksys_write+0x166/0x1f0
[  392.451637][T17435]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  392.451652][T17435]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  392.451666][T17435]  ? do_syscall_64+0x26/0x610
[  392.451680][T17435]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  392.451693][T17435]  ? do_syscall_64+0x26/0x610
[  392.451712][T17435]  __x64_sys_clone+0xbf/0x150
[  392.451733][T17435]  do_syscall_64+0x103/0x610
[  392.536162][T17435]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  392.542238][T17435] RIP: 0033:0x4582b9
[  392.546254][T17435] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  392.567209][T17435] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  392.577276][T17435] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  392.586489][T17435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  392.594582][T17435] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  392.602766][T17435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  392.611239][T17435] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:19 executing program 5:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x10000)
r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000100)={0x3, r0})
ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000080)={0x6, r1})
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
getuid()
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000005}, 0x8000)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_TXQLEN={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

03:39:19 executing program 1 (fault-call:3 fault-nth:77):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22000f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:19 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:19 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  392.979530][T17473] FAULT_INJECTION: forcing a failure.
[  392.979530][T17473] name failslab, interval 1, probability 0, space 0, times 0
[  392.996927][T17473] CPU: 1 PID: 17473 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  393.005501][T17473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  393.016537][T17473] Call Trace:
[  393.020537][T17473]  dump_stack+0x172/0x1f0
[  393.025827][T17473]  should_fail.cold+0xa/0x15
[  393.031930][T17473]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  393.038538][T17473]  ? ___might_sleep+0x163/0x280
[  393.043780][T17473]  __should_failslab+0x121/0x190
[  393.049143][T17473]  should_failslab+0x9/0x14
[  393.054005][T17473]  kmem_cache_alloc+0x2b2/0x6f0
[  393.059951][T17473]  ? alloc_pages_current+0x10f/0x210
[  393.065747][T17473]  ? do_raw_spin_unlock+0x57/0x270
[  393.071564][T17473]  __pmd_alloc+0xc9/0x460
[  393.076514][T17473]  ? pmd_val+0x100/0x100
[  393.081139][T17473]  pmd_alloc+0x10c/0x180
[  393.085734][T17473]  copy_page_range+0x62e/0x1f90
[  393.090720][T17473]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  393.096815][T17473]  ? vma_compute_subtree_gap+0x158/0x230
[  393.102655][T17473]  ? vma_gap_callbacks_rotate+0x62/0x80
[  393.108234][T17473]  ? pmd_alloc+0x180/0x180
[  393.112770][T17473]  ? validate_mm_rb+0xa3/0xc0
[  393.117652][T17473]  ? __vma_link_rb+0x279/0x370
[  393.122918][T17473]  copy_process.part.0+0x568b/0x7980
[  393.129983][T17473]  ? __cleanup_sighand+0x60/0x60
[  393.135552][T17473]  ? lock_downgrade+0x880/0x880
[  393.136124][T17475] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  393.141059][T17473]  ? kasan_check_write+0x14/0x20
[  393.141077][T17473]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  393.141101][T17473]  _do_fork+0x257/0xfd0
[  393.141122][T17473]  ? fork_idle+0x1d0/0x1d0
[  393.141137][T17473]  ? fput+0x1b/0x20
[  393.141154][T17473]  ? ksys_write+0x166/0x1f0
[  393.141178][T17473]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  393.183671][T17473]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  393.189423][T17473]  ? do_syscall_64+0x26/0x610
[  393.194464][T17473]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.201119][T17473]  ? do_syscall_64+0x26/0x610
[  393.205842][T17473]  __x64_sys_clone+0xbf/0x150
[  393.210787][T17473]  do_syscall_64+0x103/0x610
[  393.215761][T17473]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.222554][T17473] RIP: 0033:0x4582b9
[  393.227564][T17473] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  393.249438][T17473] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  393.258404][T17473] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  393.266656][T17473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22010f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  393.275181][T17473] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  393.284182][T17473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  393.292589][T17473] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:19 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x4, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220110001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:19 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x5, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:19 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x100000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220011001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:19 executing program 5:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x2, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:19 executing program 1 (fault-call:3 fault-nth:78):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:19 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220111001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:19 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x300, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  393.669695][T17512] FAULT_INJECTION: forcing a failure.
[  393.669695][T17512] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  393.691533][T17512] CPU: 1 PID: 17512 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  393.700110][T17512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  393.710970][T17512] Call Trace:
[  393.714689][T17512]  dump_stack+0x172/0x1f0
[  393.719145][T17512]  should_fail.cold+0xa/0x15
[  393.724008][T17512]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  393.730029][T17512]  ? ___might_sleep+0x163/0x280
[  393.735226][T17512]  should_fail_alloc_page+0x50/0x60
[  393.735243][T17512]  __alloc_pages_nodemask+0x1a1/0x7e0
[  393.735256][T17512]  ? find_held_lock+0x35/0x130
[  393.735275][T17512]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  393.735291][T17512]  ? kasan_check_write+0x14/0x20
[  393.735307][T17512]  ? lock_downgrade+0x880/0x880
[  393.735327][T17512]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  393.735345][T17512]  alloc_pages_current+0x107/0x210
[  393.735365][T17512]  pte_alloc_one+0x1b/0x1a0
[  393.735382][T17512]  __pte_alloc+0x20/0x310
[  393.735404][T17512]  copy_page_range+0x1529/0x1f90
[  393.795819][T17512]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  393.802088][T17512]  ? pmd_alloc+0x180/0x180
[  393.806707][T17512]  ? validate_mm_rb+0xa3/0xc0
[  393.812181][T17512]  ? __vma_link_rb+0x279/0x370
[  393.817680][T17512]  copy_process.part.0+0x568b/0x7980
[  393.823470][T17512]  ? __cleanup_sighand+0x60/0x60
[  393.828845][T17512]  ? lock_downgrade+0x880/0x880
[  393.834174][T17512]  ? kasan_check_write+0x14/0x20
[  393.839781][T17512]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  393.845535][T17512]  _do_fork+0x257/0xfd0
[  393.850173][T17512]  ? fork_idle+0x1d0/0x1d0
[  393.855505][T17512]  ? fput+0x1b/0x20
[  393.860085][T17512]  ? ksys_write+0x166/0x1f0
[  393.865353][T17512]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  393.871198][T17512]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  393.877571][T17512]  ? do_syscall_64+0x26/0x610
[  393.882571][T17512]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.889114][T17512]  ? do_syscall_64+0x26/0x610
[  393.894820][T17512]  __x64_sys_clone+0xbf/0x150
[  393.899702][T17512]  do_syscall_64+0x103/0x610
[  393.904427][T17512]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.910666][T17512] RIP: 0033:0x4582b9
[  393.914849][T17512] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  393.935712][T17512] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  393.944555][T17512] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  393.953042][T17512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  393.962225][T17512] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220012001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  393.971183][T17512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  393.979833][T17512] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:20 executing program 1 (fault-call:3 fault-nth:79):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:20 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x7, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220112001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:20 executing program 5:
unshare(0x2000400)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/rt6_stats\x00')
inotify_rm_watch(r0, 0x0)

03:39:20 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x200000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x20000181, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220013001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.219020][T17542] FAULT_INJECTION: forcing a failure.
[  394.219020][T17542] name failslab, interval 1, probability 0, space 0, times 0
03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220113001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.261156][T17542] CPU: 0 PID: 17542 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  394.269267][T17542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  394.279935][T17542] Call Trace:
[  394.283328][T17542]  dump_stack+0x172/0x1f0
[  394.288098][T17542]  should_fail.cold+0xa/0x15
[  394.293149][T17542]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  394.299983][T17542]  ? ___might_sleep+0x163/0x280
[  394.305534][T17542]  __should_failslab+0x121/0x190
03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220014001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.310777][T17542]  should_failslab+0x9/0x14
[  394.316227][T17542]  kmem_cache_alloc+0x2b2/0x6f0
[  394.321444][T17542]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  394.328118][T17542]  ptlock_alloc+0x20/0x70
[  394.332486][T17542]  pte_alloc_one+0x6d/0x1a0
[  394.332504][T17542]  __pte_alloc+0x20/0x310
[  394.332529][T17542]  copy_page_range+0x1529/0x1f90
[  394.347037][T17542]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  394.347060][T17542]  ? pmd_alloc+0x180/0x180
[  394.347079][T17542]  ? validate_mm_rb+0xa3/0xc0
[  394.362590][T17542]  ? __vma_link_rb+0x279/0x370
[  394.367477][T17542]  copy_process.part.0+0x568b/0x7980
[  394.373004][T17542]  ? __cleanup_sighand+0x60/0x60
[  394.378271][T17542]  ? lock_downgrade+0x880/0x880
[  394.383725][T17542]  ? kasan_check_write+0x14/0x20
[  394.389230][T17542]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  394.395369][T17542]  _do_fork+0x257/0xfd0
[  394.399733][T17542]  ? fork_idle+0x1d0/0x1d0
[  394.404783][T17542]  ? fput+0x1b/0x20
[  394.408830][T17542]  ? ksys_write+0x166/0x1f0
[  394.414613][T17542]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  394.420586][T17542]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  394.426970][T17542]  ? do_syscall_64+0x26/0x610
[  394.432062][T17542]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  394.438658][T17542]  ? do_syscall_64+0x26/0x610
[  394.443859][T17542]  __x64_sys_clone+0xbf/0x150
[  394.448806][T17542]  do_syscall_64+0x103/0x610
[  394.454310][T17542]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  394.460989][T17542] RIP: 0033:0x4582b9
[  394.465244][T17542] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  394.486182][T17542] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  394.495156][T17542] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  394.503495][T17542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220114001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.512332][T17542] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  394.520680][T17542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  394.529382][T17542] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:20 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:20 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x300000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 1 (fault-call:3 fault-nth:80):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:20 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x8, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000002, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220015001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.761045][T17573] FAULT_INJECTION: forcing a failure.
[  394.761045][T17573] name failslab, interval 1, probability 0, space 0, times 0
[  394.785436][T17573] CPU: 0 PID: 17573 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  394.794015][T17573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  394.804961][T17573] Call Trace:
03:39:20 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220115001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.808476][T17573]  dump_stack+0x172/0x1f0
[  394.813219][T17573]  should_fail.cold+0xa/0x15
[  394.817863][T17573]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  394.823920][T17573]  ? ___might_sleep+0x163/0x280
[  394.829468][T17573]  __should_failslab+0x121/0x190
[  394.834644][T17573]  should_failslab+0x9/0x14
[  394.839346][T17573]  kmem_cache_alloc+0x2b2/0x6f0
[  394.844317][T17573]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  394.851079][T17573]  ptlock_alloc+0x20/0x70
[  394.855525][T17573]  pte_alloc_one+0x6d/0x1a0
[  394.860054][T17573]  __pte_alloc+0x20/0x310
[  394.864659][T17573]  copy_page_range+0x1529/0x1f90
[  394.869779][T17573]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  394.875621][T17573]  ? pmd_alloc+0x180/0x180
[  394.880564][T17573]  ? validate_mm_rb+0xa3/0xc0
[  394.885520][T17573]  ? __vma_link_rb+0x279/0x370
[  394.890406][T17573]  copy_process.part.0+0x568b/0x7980
[  394.896325][T17573]  ? __cleanup_sighand+0x60/0x60
[  394.901387][T17573]  ? lock_downgrade+0x880/0x880
[  394.906278][T17573]  ? kasan_check_write+0x14/0x20
03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220016001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.911402][T17573]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  394.917438][T17573]  _do_fork+0x257/0xfd0
[  394.921630][T17573]  ? fork_idle+0x1d0/0x1d0
[  394.926172][T17573]  ? fput+0x1b/0x20
[  394.930097][T17573]  ? ksys_write+0x166/0x1f0
[  394.935128][T17573]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  394.940936][T17573]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  394.946524][T17573]  ? do_syscall_64+0x26/0x610
[  394.951311][T17573]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220116001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  394.957700][T17573]  ? do_syscall_64+0x26/0x610
[  394.962515][T17573]  __x64_sys_clone+0xbf/0x150
[  394.967758][T17573]  do_syscall_64+0x103/0x610
[  394.972737][T17573]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  394.978737][T17573] RIP: 0033:0x4582b9
[  394.983001][T17573] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:21 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

[  395.005628][T17573] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  395.014413][T17573] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  395.022957][T17573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  395.031403][T17573] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  395.040290][T17573] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  395.049637][T17573] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220017001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:21 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x400000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:21 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x300, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:21 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000003, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:21 executing program 1 (fault-call:3 fault-nth:81):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220117001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:21 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220018001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  395.364079][T17622] FAULT_INJECTION: forcing a failure.
[  395.364079][T17622] name failslab, interval 1, probability 0, space 0, times 0
[  395.391741][T17622] CPU: 1 PID: 17622 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  395.400140][T17622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  395.411594][T17622] Call Trace:
[  395.415006][T17622]  dump_stack+0x172/0x1f0
[  395.419561][T17622]  should_fail.cold+0xa/0x15
[  395.424809][T17622]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  395.431454][T17622]  ? find_held_lock+0x35/0x130
[  395.436522][T17622]  ? percpu_ref_put_many+0x94/0x190
[  395.442185][T17622]  __should_failslab+0x121/0x190
[  395.447344][T17622]  should_failslab+0x9/0x14
[  395.452112][T17622]  kmem_cache_alloc+0x47/0x6f0
[  395.457496][T17622]  anon_vma_clone+0xde/0x480
[  395.462690][T17622]  anon_vma_fork+0x8f/0x4a0
[  395.467219][T17622]  ? dup_userfaultfd+0x15e/0x6d0
[  395.472676][T17622]  ? memcpy+0x46/0x50
[  395.477173][T17622]  copy_process.part.0+0x350f/0x7980
[  395.483106][T17622]  ? __cleanup_sighand+0x60/0x60
[  395.488480][T17622]  ? lock_downgrade+0x880/0x880
[  395.493968][T17622]  ? kasan_check_write+0x14/0x20
[  395.499933][T17622]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  395.506556][T17622]  _do_fork+0x257/0xfd0
03:39:21 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x500000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  395.510983][T17622]  ? fork_idle+0x1d0/0x1d0
[  395.516048][T17622]  ? fput+0x1b/0x20
[  395.520066][T17622]  ? ksys_write+0x166/0x1f0
[  395.524602][T17622]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  395.530214][T17622]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  395.535975][T17622]  ? do_syscall_64+0x26/0x610
[  395.541133][T17622]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  395.547403][T17622]  ? do_syscall_64+0x26/0x610
[  395.552468][T17622]  __x64_sys_clone+0xbf/0x150
[  395.557436][T17622]  do_syscall_64+0x103/0x610
[  395.562510][T17622]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  395.569952][T17622] RIP: 0033:0x4582b9
[  395.574050][T17622] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  395.595749][T17622] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  395.604472][T17622] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  395.612946][T17622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  395.621089][T17622] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  395.629459][T17622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  395.639397][T17622] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:21 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x500, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220118001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:21 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000004, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:21 executing program 1 (fault-call:3 fault-nth:82):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:21 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220019001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:22 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x700, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:22 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000005, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:22 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220119001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  395.972604][T17660] FAULT_INJECTION: forcing a failure.
[  395.972604][T17660] name failslab, interval 1, probability 0, space 0, times 0
[  396.050038][T17660] CPU: 1 PID: 17660 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  396.059330][T17660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  396.072499][T17660] Call Trace:
[  396.076056][T17660]  dump_stack+0x172/0x1f0
[  396.081113][T17660]  should_fail.cold+0xa/0x15
[  396.086441][T17660]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  396.092960][T17660]  ? find_held_lock+0x35/0x130
[  396.098362][T17660]  ? percpu_ref_put_many+0x94/0x190
[  396.104143][T17660]  __should_failslab+0x121/0x190
[  396.109358][T17660]  should_failslab+0x9/0x14
[  396.114813][T17660]  kmem_cache_alloc+0x47/0x6f0
[  396.119741][T17660]  anon_vma_clone+0xde/0x480
[  396.125261][T17660]  anon_vma_fork+0x8f/0x4a0
[  396.130401][T17660]  ? dup_userfaultfd+0x15e/0x6d0
[  396.135644][T17660]  ? memcpy+0x46/0x50
[  396.139988][T17660]  copy_process.part.0+0x350f/0x7980
[  396.145979][T17660]  ? __cleanup_sighand+0x60/0x60
[  396.151037][T17660]  ? lock_downgrade+0x880/0x880
[  396.155969][T17660]  ? kasan_check_write+0x14/0x20
[  396.161585][T17660]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  396.167415][T17660]  _do_fork+0x257/0xfd0
[  396.171827][T17660]  ? fork_idle+0x1d0/0x1d0
[  396.176528][T17660]  ? fput+0x1b/0x20
[  396.180413][T17660]  ? ksys_write+0x166/0x1f0
[  396.185566][T17660]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  396.191383][T17660]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  396.197053][T17660]  ? do_syscall_64+0x26/0x610
[  396.201842][T17660]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  396.208273][T17660]  ? do_syscall_64+0x26/0x610
[  396.213138][T17660]  __x64_sys_clone+0xbf/0x150
[  396.218284][T17660]  do_syscall_64+0x103/0x610
[  396.223924][T17660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  396.230406][T17660] RIP: 0033:0x4582b9
[  396.234993][T17660] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  396.257276][T17660] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  396.266422][T17660] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  396.275060][T17660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  396.283718][T17660] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  396.292334][T17660] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  396.300687][T17660] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:22 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:22 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:22 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:22 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000007, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:22 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:22 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x1000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:22 executing program 1 (fault-call:3 fault-nth:83):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  396.630545][T17692] FAULT_INJECTION: forcing a failure.
[  396.630545][T17692] name failslab, interval 1, probability 0, space 0, times 0
[  396.649162][T17692] CPU: 0 PID: 17692 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  396.657162][T17692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  396.667229][T17692] Call Trace:
[  396.670537][T17692]  dump_stack+0x172/0x1f0
[  396.674884][T17692]  should_fail.cold+0xa/0x15
[  396.674909][T17692]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  396.674935][T17692]  ? ___might_sleep+0x163/0x280
[  396.685331][T17692]  __should_failslab+0x121/0x190
[  396.685348][T17692]  should_failslab+0x9/0x14
[  396.685362][T17692]  kmem_cache_alloc+0x2b2/0x6f0
[  396.685376][T17692]  ? anon_vma_clone+0x320/0x480
[  396.685402][T17692]  anon_vma_fork+0x1ea/0x4a0
[  396.713918][T17692]  ? dup_userfaultfd+0x15e/0x6d0
[  396.718900][T17692]  copy_process.part.0+0x350f/0x7980
[  396.724230][T17692]  ? __cleanup_sighand+0x60/0x60
[  396.729176][T17692]  ? lock_downgrade+0x880/0x880
[  396.734045][T17692]  ? kasan_check_write+0x14/0x20
[  396.739000][T17692]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  396.744596][T17692]  _do_fork+0x257/0xfd0
[  396.748771][T17692]  ? fork_idle+0x1d0/0x1d0
[  396.753212][T17692]  ? fput+0x1b/0x20
[  396.757035][T17692]  ? ksys_write+0x166/0x1f0
[  396.761559][T17692]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  396.767050][T17692]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  396.772518][T17692]  ? do_syscall_64+0x26/0x610
03:39:22 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  396.777203][T17692]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  396.783275][T17692]  ? do_syscall_64+0x26/0x610
[  396.787939][T17692]  __x64_sys_clone+0xbf/0x150
[  396.792708][T17692]  do_syscall_64+0x103/0x610
[  396.797291][T17692]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  396.803212][T17692] RIP: 0033:0x4582b9
[  396.807117][T17692] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:22 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')

[  396.826843][T17692] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  396.835253][T17692] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  396.843219][T17692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  396.851187][T17692] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  396.859143][T17692] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  396.867096][T17692] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:23 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000008, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 1 (fault-call:3 fault-nth:84):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:23 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x800000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  397.211871][T17730] FAULT_INJECTION: forcing a failure.
[  397.211871][T17730] name failslab, interval 1, probability 0, space 0, times 0
[  397.263251][T17730] CPU: 1 PID: 17730 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  397.271261][T17730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.281316][T17730] Call Trace:
[  397.284622][T17730]  dump_stack+0x172/0x1f0
[  397.288967][T17730]  should_fail.cold+0xa/0x15
[  397.293667][T17730]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  397.299493][T17730]  ? ___might_sleep+0x163/0x280
[  397.304356][T17730]  __should_failslab+0x121/0x190
[  397.309302][T17730]  should_failslab+0x9/0x14
[  397.313835][T17730]  kmem_cache_alloc+0x2b2/0x6f0
[  397.318695][T17730]  ? anon_vma_clone+0x320/0x480
[  397.323583][T17730]  anon_vma_fork+0x1ea/0x4a0
[  397.328474][T17730]  ? dup_userfaultfd+0x15e/0x6d0
[  397.333433][T17730]  copy_process.part.0+0x350f/0x7980
[  397.338766][T17730]  ? __cleanup_sighand+0x60/0x60
[  397.343714][T17730]  ? lock_downgrade+0x880/0x880
[  397.348583][T17730]  ? kasan_check_write+0x14/0x20
[  397.353534][T17730]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  397.359096][T17730]  _do_fork+0x257/0xfd0
[  397.363264][T17730]  ? fork_idle+0x1d0/0x1d0
[  397.367689][T17730]  ? fput+0x1b/0x20
[  397.371503][T17730]  ? ksys_write+0x166/0x1f0
[  397.376049][T17730]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  397.381512][T17730]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  397.386998][T17730]  ? do_syscall_64+0x26/0x610
[  397.391683][T17730]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.397755][T17730]  ? do_syscall_64+0x26/0x610
[  397.402447][T17730]  __x64_sys_clone+0xbf/0x150
[  397.407150][T17730]  do_syscall_64+0x103/0x610
03:39:23 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x400000e, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  397.411833][T17730]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.411845][T17730] RIP: 0033:0x4582b9
[  397.411859][T17730] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  397.411866][T17730] RSP: 002b:00007fe307633c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  397.411890][T17730] RAX: ffffffffffffffda RBX: 00007fe307633c90 RCX: 00000000004582b9
[  397.411906][T17730] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  397.421720][T17730] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  397.421729][T17730] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076346d4
[  397.421737][T17730] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000003
03:39:23 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x2000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:23 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0xe00000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')

03:39:23 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:23 executing program 1 (fault-call:3 fault-nth:85):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:23 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000300, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3f00000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:23 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x3000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  397.941940][T17780] FAULT_INJECTION: forcing a failure.
[  397.941940][T17780] name failslab, interval 1, probability 0, space 0, times 0
[  397.970178][T17780] CPU: 1 PID: 17780 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  397.982430][T17780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.992858][T17780] Call Trace:
[  397.996166][T17780]  dump_stack+0x172/0x1f0
[  398.000513][T17780]  should_fail.cold+0xa/0x15
[  398.005146][T17780]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  398.010971][T17780]  ? ___might_sleep+0x163/0x280
[  398.015841][T17780]  __should_failslab+0x121/0x190
[  398.020791][T17780]  should_failslab+0x9/0x14
[  398.025346][T17780]  kmem_cache_alloc+0x2b2/0x6f0
[  398.030216][T17780]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  398.035977][T17780]  ? __vm_enough_memory+0x320/0x5a0
[  398.041202][T17780]  vm_area_dup+0x21/0x170
[  398.045551][T17780]  copy_process.part.0+0x3431/0x7980
[  398.050910][T17780]  ? __cleanup_sighand+0x60/0x60
[  398.055873][T17780]  ? lock_downgrade+0x880/0x880
[  398.060751][T17780]  ? kasan_check_write+0x14/0x20
[  398.065704][T17780]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  398.071269][T17780]  _do_fork+0x257/0xfd0
[  398.075443][T17780]  ? fork_idle+0x1d0/0x1d0
[  398.079875][T17780]  ? fput+0x1b/0x20
[  398.083785][T17780]  ? ksys_write+0x166/0x1f0
[  398.088313][T17780]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  398.093786][T17780]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  398.099255][T17780]  ? do_syscall_64+0x26/0x610
[  398.103949][T17780]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.110029][T17780]  ? do_syscall_64+0x26/0x610
[  398.114748][T17780]  __x64_sys_clone+0xbf/0x150
[  398.119443][T17780]  do_syscall_64+0x103/0x610
[  398.124057][T17780]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.129959][T17780] RIP: 0033:0x4582b9
03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22001f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  398.133867][T17780] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  398.153493][T17780] RSP: 002b:00007fe307612c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  398.161914][T17780] RAX: ffffffffffffffda RBX: 00007fe307612c90 RCX: 00000000004582b9
[  398.169892][T17780] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  398.177878][T17780] RBP: 000000000073c040 R08: 0000000000000000 R09: 0000000000000000
[  398.185857][T17780] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076136d4
[  398.193841][T17780] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000003
03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22011f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:24 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000500, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x4000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220020001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220120001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:24 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')

03:39:24 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000700, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 1 (fault-call:3 fault-nth:86):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:24 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8000000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x5000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:24 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220021001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  398.849816][T17828] FAULT_INJECTION: forcing a failure.
[  398.849816][T17828] name failslab, interval 1, probability 0, space 0, times 0
03:39:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220121001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  398.891316][T17828] CPU: 1 PID: 17828 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  398.899336][T17828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  398.909401][T17828] Call Trace:
[  398.912712][T17828]  dump_stack+0x172/0x1f0
[  398.917063][T17828]  should_fail.cold+0xa/0x15
[  398.921679][T17828]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  398.927499][T17828]  ? ___might_sleep+0x163/0x280
[  398.932367][T17828]  __should_failslab+0x121/0x190
[  398.937314][T17828]  should_failslab+0x9/0x14
[  398.941822][T17828]  kmem_cache_alloc+0x2b2/0x6f0
[  398.941837][T17828]  ? anon_vma_clone+0x320/0x480
[  398.941860][T17828]  anon_vma_fork+0xfc/0x4a0
[  398.941875][T17828]  ? dup_userfaultfd+0x15e/0x6d0
[  398.941900][T17828]  ? memcpy+0x46/0x50
[  398.965004][T17828]  copy_process.part.0+0x350f/0x7980
[  398.970329][T17828]  ? __cleanup_sighand+0x60/0x60
[  398.975283][T17828]  ? lock_downgrade+0x880/0x880
[  398.980152][T17828]  ? kasan_check_write+0x14/0x20
[  398.985107][T17828]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  398.990674][T17828]  _do_fork+0x257/0xfd0
[  398.994843][T17828]  ? fork_idle+0x1d0/0x1d0
[  398.999289][T17828]  ? fput+0x1b/0x20
[  399.003116][T17828]  ? ksys_write+0x166/0x1f0
[  399.007634][T17828]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  399.013103][T17828]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  399.018574][T17828]  ? do_syscall_64+0x26/0x610
[  399.023263][T17828]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.029338][T17828]  ? do_syscall_64+0x26/0x610
[  399.034030][T17828]  __x64_sys_clone+0xbf/0x150
[  399.038720][T17828]  do_syscall_64+0x103/0x610
[  399.043332][T17828]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.049230][T17828] RIP: 0033:0x4582b9
[  399.053152][T17828] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  399.072795][T17828] RSP: 002b:00007fe307633c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  399.081218][T17828] RAX: ffffffffffffffda RBX: 00007fe307633c90 RCX: 00000000004582b9
[  399.089195][T17828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  399.097175][T17828] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  399.105158][T17828] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076346d4
[  399.113135][T17828] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000003
03:39:25 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000e00, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220022001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:25 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x7000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220122001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:25 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:25 executing program 1 (fault-call:3 fault-nth:87):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:25 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x2, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:25 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220023001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  399.648021][T17869] FAULT_INJECTION: forcing a failure.
[  399.648021][T17869] name failslab, interval 1, probability 0, space 0, times 0
[  399.676725][T17869] CPU: 0 PID: 17869 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  399.684731][T17869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  399.694794][T17869] Call Trace:
[  399.698120][T17869]  dump_stack+0x172/0x1f0
[  399.702475][T17869]  should_fail.cold+0xa/0x15
[  399.707111][T17869]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  399.712933][T17869]  ? ___might_sleep+0x163/0x280
[  399.717812][T17869]  __should_failslab+0x121/0x190
[  399.722770][T17869]  should_failslab+0x9/0x14
[  399.727280][T17869]  kmem_cache_alloc+0x2b2/0x6f0
[  399.732146][T17869]  ? validate_mm_rb+0xa3/0xc0
[  399.736846][T17869]  vm_area_dup+0x21/0x170
[  399.741949][T17869]  copy_process.part.0+0x3431/0x7980
[  399.747313][T17869]  ? __cleanup_sighand+0x60/0x60
[  399.752353][T17869]  ? lock_downgrade+0x880/0x880
[  399.757224][T17869]  ? kasan_check_write+0x14/0x20
[  399.762170][T17869]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  399.767731][T17869]  _do_fork+0x257/0xfd0
[  399.771904][T17869]  ? fork_idle+0x1d0/0x1d0
[  399.776337][T17869]  ? fput+0x1b/0x20
[  399.780160][T17869]  ? ksys_write+0x166/0x1f0
[  399.784679][T17869]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  399.790147][T17869]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  399.795614][T17869]  ? do_syscall_64+0x26/0x610
[  399.800301][T17869]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.806380][T17869]  ? do_syscall_64+0x26/0x610
[  399.811070][T17869]  __x64_sys_clone+0xbf/0x150
[  399.815776][T17869]  do_syscall_64+0x103/0x610
[  399.820394][T17869]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  399.826292][T17869] RIP: 0033:0x4582b9
03:39:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x8000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220123001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  399.830223][T17869] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  399.849840][T17869] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  399.858301][T17869] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  399.866284][T17869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  399.874261][T17869] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  399.882240][T17869] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  399.890245][T17869] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:26 executing program 1 (fault-call:3 fault-nth:88):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220024001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  400.070324][T17893] FAULT_INJECTION: forcing a failure.
[  400.070324][T17893] name fail_page_alloc, interval 1, probability 0, space 0, times 0
03:39:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  400.139250][T17893] CPU: 1 PID: 17893 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  400.147266][T17893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  400.157329][T17893] Call Trace:
[  400.160646][T17893]  dump_stack+0x172/0x1f0
[  400.164994][T17893]  should_fail.cold+0xa/0x15
[  400.169631][T17893]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  400.175448][T17893]  ? ___might_sleep+0x163/0x280
[  400.180331][T17893]  should_fail_alloc_page+0x50/0x60
[  400.185542][T17893]  __alloc_pages_nodemask+0x1a1/0x7e0
[  400.191115][T17893]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  400.196852][T17893]  ? copy_page_range+0x125a/0x1f90
[  400.201988][T17893]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  400.208248][T17893]  alloc_pages_current+0x107/0x210
[  400.213378][T17893]  pte_alloc_one+0x1b/0x1a0
[  400.217902][T17893]  __pte_alloc+0x20/0x310
[  400.222249][T17893]  copy_page_range+0x1529/0x1f90
[  400.227371][T17893]  ? find_held_lock+0x35/0x130
[  400.232171][T17893]  ? pmd_alloc+0x180/0x180
[  400.236609][T17893]  ? __rb_insert_augmented+0x231/0xdf0
[  400.242082][T17893]  ? validate_mm_rb+0xa3/0xc0
[  400.246775][T17893]  ? __vma_link_rb+0x279/0x370
[  400.251560][T17893]  copy_process.part.0+0x568b/0x7980
[  400.256896][T17893]  ? __cleanup_sighand+0x60/0x60
[  400.261845][T17893]  ? lock_downgrade+0x880/0x880
[  400.266724][T17893]  ? kasan_check_write+0x14/0x20
[  400.271679][T17893]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  400.277244][T17893]  _do_fork+0x257/0xfd0
[  400.281442][T17893]  ? fork_idle+0x1d0/0x1d0
[  400.285876][T17893]  ? fput+0x1b/0x20
[  400.289707][T17893]  ? ksys_write+0x166/0x1f0
[  400.294231][T17893]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  400.299704][T17893]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  400.305180][T17893]  ? do_syscall_64+0x26/0x610
[  400.309868][T17893]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.315956][T17893]  ? do_syscall_64+0x26/0x610
[  400.320650][T17893]  __x64_sys_clone+0xbf/0x150
[  400.325340][T17893]  do_syscall_64+0x103/0x610
[  400.329942][T17893]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  400.335838][T17893] RIP: 0033:0x4582b9
[  400.339742][T17893] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  400.359352][T17893] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  400.367796][T17893] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  400.375770][T17893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:26 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x100000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220124001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  400.383746][T17893] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  400.391724][T17893] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  400.399706][T17893] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:26 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:26 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x3, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220025001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:26 executing program 1 (fault-call:3 fault-nth:89):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:26 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220125001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:26 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x200000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:26 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220026001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:26 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x4, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  400.814983][T17927] FAULT_INJECTION: forcing a failure.
[  400.814983][T17927] name failslab, interval 1, probability 0, space 0, times 0
03:39:27 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  400.934189][T17927] CPU: 0 PID: 17927 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  400.942217][T17927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  400.952287][T17927] Call Trace:
[  400.955603][T17927]  dump_stack+0x172/0x1f0
[  400.959963][T17927]  should_fail.cold+0xa/0x15
[  400.964580][T17927]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  400.970403][T17927]  ? ___might_sleep+0x163/0x280
[  400.975267][T17927]  __should_failslab+0x121/0x190
[  400.980215][T17927]  should_failslab+0x9/0x14
[  400.984735][T17927]  kmem_cache_alloc+0x2b2/0x6f0
[  400.989596][T17927]  ? anon_vma_clone+0x320/0x480
[  400.994461][T17927]  anon_vma_fork+0x1ea/0x4a0
[  400.999069][T17927]  ? dup_userfaultfd+0x15e/0x6d0
[  401.004027][T17927]  copy_process.part.0+0x350f/0x7980
[  401.009363][T17927]  ? __cleanup_sighand+0x60/0x60
[  401.014314][T17927]  ? lock_downgrade+0x880/0x880
[  401.019196][T17927]  ? kasan_check_write+0x14/0x20
[  401.024147][T17927]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  401.029711][T17927]  _do_fork+0x257/0xfd0
[  401.033884][T17927]  ? fork_idle+0x1d0/0x1d0
[  401.038315][T17927]  ? fput+0x1b/0x20
[  401.042136][T17927]  ? ksys_write+0x166/0x1f0
[  401.046651][T17927]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  401.052121][T17927]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  401.057595][T17927]  ? do_syscall_64+0x26/0x610
[  401.062279][T17927]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.068455][T17927]  ? do_syscall_64+0x26/0x610
[  401.073149][T17927]  __x64_sys_clone+0xbf/0x150
[  401.077841][T17927]  do_syscall_64+0x103/0x610
[  401.082442][T17927]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.088340][T17927] RIP: 0033:0x4582b9
[  401.092246][T17927] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  401.111862][T17927] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  401.120288][T17927] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
03:39:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220126001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:27 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x300000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  401.128359][T17927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  401.136428][T17927] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  401.144406][T17927] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  401.152383][T17927] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:27 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
preadv(0xffffffffffffffff, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220027001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:27 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x5, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:27 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:27 executing program 1 (fault-call:3 fault-nth:90):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:27 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x400000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  401.550345][T17971] FAULT_INJECTION: forcing a failure.
[  401.550345][T17971] name failslab, interval 1, probability 0, space 0, times 0
[  401.568985][T17971] CPU: 0 PID: 17971 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  401.577024][T17971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  401.587085][T17971] Call Trace:
[  401.590402][T17971]  dump_stack+0x172/0x1f0
[  401.594760][T17971]  should_fail.cold+0xa/0x15
[  401.599378][T17971]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  401.605221][T17971]  ? ___might_sleep+0x163/0x280
[  401.610097][T17971]  __should_failslab+0x121/0x190
[  401.615057][T17971]  should_failslab+0x9/0x14
[  401.619571][T17971]  kmem_cache_alloc+0x2b2/0x6f0
[  401.624432][T17971]  ? validate_mm_rb+0xa3/0xc0
[  401.629133][T17971]  vm_area_dup+0x21/0x170
[  401.634925][T17971]  copy_process.part.0+0x3431/0x7980
[  401.640257][T17971]  ? __cleanup_sighand+0x60/0x60
[  401.645211][T17971]  ? lock_downgrade+0x880/0x880
[  401.650113][T17971]  ? kasan_check_write+0x14/0x20
[  401.655076][T17971]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  401.660666][T17971]  _do_fork+0x257/0xfd0
[  401.664849][T17971]  ? fork_idle+0x1d0/0x1d0
[  401.669291][T17971]  ? fput+0x1b/0x20
[  401.673114][T17971]  ? ksys_write+0x166/0x1f0
[  401.677648][T17971]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  401.683119][T17971]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  401.688589][T17971]  ? do_syscall_64+0x26/0x610
[  401.693276][T17971]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.699355][T17971]  ? do_syscall_64+0x26/0x610
[  401.704062][T17971]  __x64_sys_clone+0xbf/0x150
[  401.708783][T17971]  do_syscall_64+0x103/0x610
[  401.713408][T17971]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  401.719322][T17971] RIP: 0033:0x4582b9
[  401.723232][T17971] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220127001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:27 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220028001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  401.743677][T17971] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  401.752099][T17971] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  401.752108][T17971] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  401.752127][T17971] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  401.752135][T17971] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  401.752144][T17971] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220128001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x7, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:28 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x500000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220029001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220129001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 1 (fault-call:3 fault-nth:91):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:28 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:28 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x8, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:28 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x700000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  402.444839][T18016] FAULT_INJECTION: forcing a failure.
[  402.444839][T18016] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  402.463274][T18016] CPU: 0 PID: 18016 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  402.471285][T18016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  402.481350][T18016] Call Trace:
[  402.484667][T18016]  dump_stack+0x172/0x1f0
[  402.489038][T18016]  should_fail.cold+0xa/0x15
[  402.493736][T18016]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  402.499572][T18016]  ? ___might_sleep+0x163/0x280
[  402.504450][T18016]  should_fail_alloc_page+0x50/0x60
[  402.509657][T18016]  __alloc_pages_nodemask+0x1a1/0x7e0
[  402.515050][T18016]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  402.520818][T18016]  ? copy_page_range+0x125a/0x1f90
[  402.525951][T18016]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  402.532218][T18016]  alloc_pages_current+0x107/0x210
[  402.537339][T18016]  pte_alloc_one+0x1b/0x1a0
03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  402.541849][T18016]  __pte_alloc+0x20/0x310
[  402.546196][T18016]  copy_page_range+0x1529/0x1f90
[  402.551319][T18016]  ? find_held_lock+0x35/0x130
[  402.556117][T18016]  ? pmd_alloc+0x180/0x180
[  402.560541][T18016]  ? __rb_insert_augmented+0x231/0xdf0
[  402.566009][T18016]  ? validate_mm_rb+0xa3/0xc0
[  402.570699][T18016]  ? __vma_link_rb+0x279/0x370
[  402.575509][T18016]  copy_process.part.0+0x568b/0x7980
[  402.580836][T18016]  ? __cleanup_sighand+0x60/0x60
[  402.585781][T18016]  ? lock_downgrade+0x880/0x880
[  402.590690][T18016]  ? kasan_check_write+0x14/0x20
03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  402.595640][T18016]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  402.601199][T18016]  _do_fork+0x257/0xfd0
[  402.605367][T18016]  ? fork_idle+0x1d0/0x1d0
[  402.609787][T18016]  ? fput+0x1b/0x20
[  402.613600][T18016]  ? ksys_write+0x166/0x1f0
[  402.613621][T18016]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  402.613636][T18016]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  402.613650][T18016]  ? do_syscall_64+0x26/0x610
[  402.613665][T18016]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  402.613679][T18016]  ? do_syscall_64+0x26/0x610
[  402.613699][T18016]  __x64_sys_clone+0xbf/0x150
[  402.613718][T18016]  do_syscall_64+0x103/0x610
[  402.613738][T18016]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  402.629142][T18016] RIP: 0033:0x4582b9
[  402.629158][T18016] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  402.629167][T18016] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

[  402.629182][T18016] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  402.629191][T18016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  402.629199][T18016] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  402.629208][T18016] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  402.629223][T18016] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:28 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:28 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0xe, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:28 executing program 1 (fault-call:3 fault-nth:92):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:28 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  402.988532][T18058] FAULT_INJECTION: forcing a failure.
[  402.988532][T18058] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  403.030711][T18058] CPU: 0 PID: 18058 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  403.038732][T18058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  403.048880][T18058] Call Trace:
[  403.052204][T18058]  dump_stack+0x172/0x1f0
[  403.056554][T18058]  should_fail.cold+0xa/0x15
[  403.061154][T18058]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  403.066988][T18058]  ? ___might_sleep+0x163/0x280
[  403.071858][T18058]  should_fail_alloc_page+0x50/0x60
[  403.077068][T18058]  __alloc_pages_nodemask+0x1a1/0x7e0
[  403.082453][T18058]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  403.088192][T18058]  ? copy_page_range+0x125a/0x1f90
[  403.093311][T18058]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  403.099576][T18058]  alloc_pages_current+0x107/0x210
[  403.104712][T18058]  pte_alloc_one+0x1b/0x1a0
[  403.109232][T18058]  __pte_alloc+0x20/0x310
[  403.113591][T18058]  copy_page_range+0x1529/0x1f90
[  403.118538][T18058]  ? find_held_lock+0x35/0x130
[  403.123336][T18058]  ? pmd_alloc+0x180/0x180
[  403.127764][T18058]  ? __rb_insert_augmented+0x231/0xdf0
[  403.133232][T18058]  ? validate_mm_rb+0xa3/0xc0
[  403.137917][T18058]  ? __vma_link_rb+0x279/0x370
[  403.142711][T18058]  copy_process.part.0+0x568b/0x7980
[  403.148040][T18058]  ? __cleanup_sighand+0x60/0x60
[  403.152995][T18058]  ? lock_downgrade+0x880/0x880
[  403.157867][T18058]  ? kasan_check_write+0x14/0x20
[  403.162817][T18058]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  403.168381][T18058]  _do_fork+0x257/0xfd0
[  403.172555][T18058]  ? fork_idle+0x1d0/0x1d0
[  403.176988][T18058]  ? fput+0x1b/0x20
[  403.180822][T18058]  ? ksys_write+0x166/0x1f0
[  403.185341][T18058]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  403.190897][T18058]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  403.196384][T18058]  ? do_syscall_64+0x26/0x610
[  403.201074][T18058]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.207149][T18058]  ? do_syscall_64+0x26/0x610
[  403.211840][T18058]  __x64_sys_clone+0xbf/0x150
[  403.216533][T18058]  do_syscall_64+0x103/0x610
[  403.221166][T18058]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.227065][T18058] RIP: 0033:0x4582b9
[  403.230975][T18058] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  403.250703][T18058] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  403.259122][T18058] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  403.267099][T18058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  403.275076][T18058] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  403.283311][T18058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  403.291286][T18058] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:29 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x800000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:29 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xe, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:29 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:29 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x300, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:29 executing program 1 (fault-call:3 fault-nth:93):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  403.637497][T18086] FAULT_INJECTION: forcing a failure.
[  403.637497][T18086] name failslab, interval 1, probability 0, space 0, times 0
[  403.665761][T18086] CPU: 0 PID: 18086 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  403.673773][T18086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  403.683833][T18086] Call Trace:
[  403.687138][T18086]  dump_stack+0x172/0x1f0
[  403.691485][T18086]  should_fail.cold+0xa/0x15
[  403.696092][T18086]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  403.702001][T18086]  ? ___might_sleep+0x163/0x280
[  403.706874][T18086]  __should_failslab+0x121/0x190
[  403.711832][T18086]  should_failslab+0x9/0x14
[  403.716343][T18086]  kmem_cache_alloc+0x2b2/0x6f0
[  403.721208][T18086]  ? validate_mm_rb+0xa3/0xc0
[  403.725876][T18086]  vm_area_dup+0x21/0x170
[  403.730201][T18086]  copy_process.part.0+0x3431/0x7980
[  403.735491][T18086]  ? __cleanup_sighand+0x60/0x60
[  403.741049][T18086]  ? lock_downgrade+0x880/0x880
[  403.745913][T18086]  ? kasan_check_write+0x14/0x20
[  403.750857][T18086]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  403.756413][T18086]  _do_fork+0x257/0xfd0
[  403.760556][T18086]  ? fork_idle+0x1d0/0x1d0
[  403.764966][T18086]  ? fput+0x1b/0x20
[  403.768775][T18086]  ? ksys_write+0x166/0x1f0
[  403.773279][T18086]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  403.778745][T18086]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  403.784215][T18086]  ? do_syscall_64+0x26/0x610
[  403.788888][T18086]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.794948][T18086]  ? do_syscall_64+0x26/0x610
[  403.799625][T18086]  __x64_sys_clone+0xbf/0x150
[  403.804292][T18086]  do_syscall_64+0x103/0x610
[  403.808870][T18086]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  403.814743][T18086] RIP: 0033:0x4582b9
[  403.818620][T18086] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
03:39:30 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:30 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x300, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x8000000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  403.838207][T18086] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  403.846633][T18086] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  403.854706][T18086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  403.862698][T18086] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  403.870702][T18086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  403.878659][T18086] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:30 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x500, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 1 (fault-call:3 fault-nth:94):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:30 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  404.061223][T18110] FAULT_INJECTION: forcing a failure.
[  404.061223][T18110] name failslab, interval 1, probability 0, space 0, times 0
[  404.097313][T18110] CPU: 0 PID: 18110 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  404.105328][T18110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  404.115389][T18110] Call Trace:
[  404.118690][T18110]  dump_stack+0x172/0x1f0
[  404.123035][T18110]  should_fail.cold+0xa/0x15
[  404.127632][T18110]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  404.133477][T18110]  ? ___might_sleep+0x163/0x280
[  404.138340][T18110]  __should_failslab+0x121/0x190
[  404.143282][T18110]  should_failslab+0x9/0x14
[  404.147788][T18110]  kmem_cache_alloc+0x2b2/0x6f0
[  404.152684][T18110]  ? validate_mm_rb+0xa3/0xc0
[  404.157374][T18110]  vm_area_dup+0x21/0x170
[  404.161725][T18110]  copy_process.part.0+0x3431/0x7980
[  404.167066][T18110]  ? __cleanup_sighand+0x60/0x60
[  404.172041][T18110]  ? lock_downgrade+0x880/0x880
[  404.176917][T18110]  ? kasan_check_write+0x14/0x20
[  404.181875][T18110]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  404.187434][T18110]  _do_fork+0x257/0xfd0
[  404.191690][T18110]  ? fork_idle+0x1d0/0x1d0
[  404.196116][T18110]  ? fput+0x1b/0x20
[  404.199940][T18110]  ? ksys_write+0x166/0x1f0
[  404.204647][T18110]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  404.210116][T18110]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  404.215603][T18110]  ? do_syscall_64+0x26/0x610
[  404.220291][T18110]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  404.226382][T18110]  ? do_syscall_64+0x26/0x610
[  404.231083][T18110]  __x64_sys_clone+0xbf/0x150
[  404.235785][T18110]  do_syscall_64+0x103/0x610
[  404.240409][T18110]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  404.246304][T18110] RIP: 0033:0x4582b9
[  404.250206][T18110] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  404.269904][T18110] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  404.278326][T18110] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  404.286407][T18110] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  404.294388][T18110] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  404.302366][T18110] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:39:30 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x500, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22002f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  404.310341][T18110] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22012f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:30 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x700, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:30 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 1 (fault-call:3 fault-nth:95):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:30 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220030001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:30 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x700, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:30 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0xe00, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

[  404.836472][T18148] FAULT_INJECTION: forcing a failure.
[  404.836472][T18148] name failslab, interval 1, probability 0, space 0, times 0
[  404.883289][T18148] CPU: 0 PID: 18148 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  404.891315][T18148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  404.901389][T18148] Call Trace:
[  404.904717][T18148]  dump_stack+0x172/0x1f0
[  404.909075][T18148]  should_fail.cold+0xa/0x15
[  404.913710][T18148]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  404.919548][T18148]  ? ___might_sleep+0x163/0x280
[  404.924423][T18148]  __should_failslab+0x121/0x190
[  404.929373][T18148]  should_failslab+0x9/0x14
[  404.933881][T18148]  kmem_cache_alloc+0x2b2/0x6f0
[  404.938746][T18148]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  404.945008][T18148]  ptlock_alloc+0x20/0x70
[  404.949350][T18148]  pte_alloc_one+0x6d/0x1a0
[  404.953878][T18148]  __pte_alloc+0x20/0x310
[  404.958250][T18148]  copy_page_range+0x1529/0x1f90
[  404.963206][T18148]  ? find_held_lock+0x35/0x130
[  404.968013][T18148]  ? pmd_alloc+0x180/0x180
[  404.972444][T18148]  ? __rb_insert_augmented+0x231/0xdf0
[  404.978083][T18148]  ? validate_mm_rb+0xa3/0xc0
[  404.982778][T18148]  ? __vma_link_rb+0x279/0x370
[  404.987693][T18148]  copy_process.part.0+0x568b/0x7980
[  404.993049][T18148]  ? __cleanup_sighand+0x60/0x60
[  404.997999][T18148]  ? lock_downgrade+0x880/0x880
[  405.002864][T18148]  ? kasan_check_write+0x14/0x20
[  405.007811][T18148]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  405.013389][T18148]  _do_fork+0x257/0xfd0
[  405.017555][T18148]  ? fork_idle+0x1d0/0x1d0
[  405.021984][T18148]  ? fput+0x1b/0x20
[  405.025810][T18148]  ? ksys_write+0x166/0x1f0
[  405.030347][T18148]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  405.035819][T18148]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  405.041294][T18148]  ? do_syscall_64+0x26/0x610
[  405.045993][T18148]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  405.052071][T18148]  ? do_syscall_64+0x26/0x610
[  405.056776][T18148]  __x64_sys_clone+0xbf/0x150
[  405.061472][T18148]  do_syscall_64+0x103/0x610
[  405.066082][T18148]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  405.071990][T18148] RIP: 0033:0x4582b9
[  405.075892][T18148] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  405.095763][T18148] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  405.104200][T18148] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  405.112568][T18148] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  405.120545][T18148] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
03:39:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220130001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  405.128524][T18148] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  405.136514][T18148] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220031001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:31 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x1000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220131001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:31 executing program 1 (fault-call:3 fault-nth:96):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

[  405.436374][T18184] FAULT_INJECTION: forcing a failure.
[  405.436374][T18184] name failslab, interval 1, probability 0, space 0, times 0
[  405.468576][T18184] CPU: 0 PID: 18184 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  405.476598][T18184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  405.486848][T18184] Call Trace:
[  405.490162][T18184]  dump_stack+0x172/0x1f0
[  405.494513][T18184]  should_fail.cold+0xa/0x15
[  405.499137][T18184]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  405.507334][T18184]  ? ___might_sleep+0x163/0x280
[  405.512211][T18184]  __should_failslab+0x121/0x190
[  405.517179][T18184]  should_failslab+0x9/0x14
[  405.521698][T18184]  kmem_cache_alloc+0x2b2/0x6f0
[  405.526580][T18184]  ? validate_mm_rb+0xa3/0xc0
[  405.531275][T18184]  vm_area_dup+0x21/0x170
[  405.535623][T18184]  copy_process.part.0+0x3431/0x7980
[  405.541069][T18184]  ? __cleanup_sighand+0x60/0x60
[  405.546027][T18184]  ? lock_downgrade+0x880/0x880
[  405.550906][T18184]  ? kasan_check_write+0x14/0x20
[  405.555861][T18184]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  405.561423][T18184]  _do_fork+0x257/0xfd0
[  405.565597][T18184]  ? fork_idle+0x1d0/0x1d0
[  405.570023][T18184]  ? fput+0x1b/0x20
[  405.573847][T18184]  ? ksys_write+0x166/0x1f0
[  405.578410][T18184]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  405.583885][T18184]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  405.589367][T18184]  ? do_syscall_64+0x26/0x610
[  405.594074][T18184]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  405.600150][T18184]  ? do_syscall_64+0x26/0x610
[  405.604855][T18184]  __x64_sys_clone+0xbf/0x150
[  405.609551][T18184]  do_syscall_64+0x103/0x610
[  405.614222][T18184]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  405.620121][T18184] RIP: 0033:0x4582b9
[  405.624020][T18184] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  405.644579][T18184] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  405.653016][T18184] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  405.660995][T18184] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  405.668975][T18184] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  405.676986][T18184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
03:39:31 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220032001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  405.684964][T18184] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:31 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:31 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x4, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:31 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x2000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:31 executing program 1 (fault-call:3 fault-nth:97):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:31 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xe00, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220132001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  405.930907][T18202] FAULT_INJECTION: forcing a failure.
[  405.930907][T18202] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  405.974668][T18202] CPU: 0 PID: 18202 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  405.982688][T18202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  405.992747][T18202] Call Trace:
[  405.996060][T18202]  dump_stack+0x172/0x1f0
[  406.000402][T18202]  should_fail.cold+0xa/0x15
[  406.005038][T18202]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  406.010860][T18202]  ? ___might_sleep+0x163/0x280
[  406.010886][T18202]  should_fail_alloc_page+0x50/0x60
03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220033001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  406.010902][T18202]  __alloc_pages_nodemask+0x1a1/0x7e0
[  406.010924][T18202]  ? __alloc_pages_slowpath+0x28b0/0x28b0
[  406.010948][T18202]  ? copy_page_range+0x125a/0x1f90
[  406.010976][T18202]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  406.026376][T18202]  alloc_pages_current+0x107/0x210
[  406.026399][T18202]  pte_alloc_one+0x1b/0x1a0
[  406.026417][T18202]  __pte_alloc+0x20/0x310
[  406.026437][T18202]  copy_page_range+0x1529/0x1f90
[  406.026451][T18202]  ? find_held_lock+0x35/0x130
[  406.026487][T18202]  ? pmd_alloc+0x180/0x180
03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220133001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  406.026504][T18202]  ? __rb_insert_augmented+0x231/0xdf0
[  406.026523][T18202]  ? validate_mm_rb+0xa3/0xc0
[  406.081713][T18202]  ? __vma_link_rb+0x279/0x370
[  406.086497][T18202]  copy_process.part.0+0x568b/0x7980
[  406.091834][T18202]  ? __cleanup_sighand+0x60/0x60
[  406.096798][T18202]  ? lock_downgrade+0x880/0x880
[  406.101665][T18202]  ? kasan_check_write+0x14/0x20
[  406.101684][T18202]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  406.101717][T18202]  _do_fork+0x257/0xfd0
[  406.101747][T18202]  ? fork_idle+0x1d0/0x1d0
[  406.101762][T18202]  ? fput+0x1b/0x20
03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220034001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  406.101779][T18202]  ? ksys_write+0x166/0x1f0
[  406.101801][T18202]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  406.112266][T18202]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  406.112281][T18202]  ? do_syscall_64+0x26/0x610
[  406.112296][T18202]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  406.112309][T18202]  ? do_syscall_64+0x26/0x610
[  406.112329][T18202]  __x64_sys_clone+0xbf/0x150
[  406.112348][T18202]  do_syscall_64+0x103/0x610
[  406.112368][T18202]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  406.170618][T18202] RIP: 0033:0x4582b9
03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220134001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  406.174523][T18202] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  406.194133][T18202] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  406.202570][T18202] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  406.210729][T18202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
03:39:32 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

[  406.218704][T18202] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  406.226702][T18202] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  406.234694][T18202] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:32 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x3000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3f00, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x5, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220035001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:32 executing program 1 (fault-call:3 fault-nth:98):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:32 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x4000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:32 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220135001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  406.774495][T18246] FAULT_INJECTION: forcing a failure.
[  406.774495][T18246] name failslab, interval 1, probability 0, space 0, times 0
[  406.799984][T18246] CPU: 1 PID: 18246 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  406.807985][T18246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  406.818049][T18246] Call Trace:
[  406.821388][T18246]  dump_stack+0x172/0x1f0
[  406.825746][T18246]  should_fail.cold+0xa/0x15
[  406.830348][T18246]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  406.836164][T18246]  ? ___might_sleep+0x163/0x280
[  406.841026][T18246]  __should_failslab+0x121/0x190
[  406.845972][T18246]  should_failslab+0x9/0x14
[  406.850489][T18246]  kmem_cache_alloc+0x2b2/0x6f0
[  406.855353][T18246]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  406.861611][T18246]  ptlock_alloc+0x20/0x70
[  406.865947][T18246]  pte_alloc_one+0x6d/0x1a0
[  406.870466][T18246]  __pte_alloc+0x20/0x310
[  406.874805][T18246]  copy_page_range+0x1529/0x1f90
[  406.879745][T18246]  ? find_held_lock+0x35/0x130
[  406.884544][T18246]  ? pmd_alloc+0x180/0x180
[  406.888966][T18246]  ? __rb_insert_augmented+0x231/0xdf0
[  406.894431][T18246]  ? validate_mm_rb+0xa3/0xc0
[  406.899124][T18246]  ? __vma_link_rb+0x279/0x370
[  406.903912][T18246]  copy_process.part.0+0x568b/0x7980
[  406.909240][T18246]  ? __cleanup_sighand+0x60/0x60
[  406.914186][T18246]  ? lock_downgrade+0x880/0x880
[  406.919057][T18246]  ? kasan_check_write+0x14/0x20
[  406.924007][T18246]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  406.929568][T18246]  _do_fork+0x257/0xfd0
[  406.933748][T18246]  ? fork_idle+0x1d0/0x1d0
[  406.938187][T18246]  ? fput+0x1b/0x20
[  406.942016][T18246]  ? ksys_write+0x166/0x1f0
[  406.946531][T18246]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  406.952004][T18246]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  406.957476][T18246]  ? do_syscall_64+0x26/0x610
[  406.962163][T18246]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  406.968239][T18246]  ? do_syscall_64+0x26/0x610
[  406.972957][T18246]  __x64_sys_clone+0xbf/0x150
[  406.977648][T18246]  do_syscall_64+0x103/0x610
[  406.982251][T18246]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  406.988142][T18246] RIP: 0033:0x4582b9
[  406.992044][T18246] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  407.011656][T18246] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220036001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220136001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  407.020077][T18246] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  407.028054][T18246] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  407.036033][T18246] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  407.044021][T18246] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  407.052005][T18246] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220037001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:33 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:33 executing program 1 (fault-call:3 fault-nth:99):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:33 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x5000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:33 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x7, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220137001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  407.256921][T18274] FAULT_INJECTION: forcing a failure.
[  407.256921][T18274] name failslab, interval 1, probability 0, space 0, times 0
[  407.321005][T18274] CPU: 1 PID: 18274 Comm: syz-executor.1 Not tainted 5.1.0-rc3+ #55
[  407.329014][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  407.339079][T18274] Call Trace:
[  407.342380][T18274]  dump_stack+0x172/0x1f0
[  407.346724][T18274]  should_fail.cold+0xa/0x15
[  407.351331][T18274]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  407.357158][T18274]  ? ___might_sleep+0x163/0x280
[  407.362024][T18274]  __should_failslab+0x121/0x190
[  407.366977][T18274]  should_failslab+0x9/0x14
[  407.371524][T18274]  kmem_cache_alloc+0x2b2/0x6f0
[  407.376392][T18274]  ? validate_mm_rb+0xa3/0xc0
[  407.381086][T18274]  vm_area_dup+0x21/0x170
[  407.385426][T18274]  copy_process.part.0+0x3431/0x7980
[  407.390757][T18274]  ? __cleanup_sighand+0x60/0x60
[  407.395704][T18274]  ? lock_downgrade+0x880/0x880
[  407.400576][T18274]  ? kasan_check_write+0x14/0x20
[  407.405526][T18274]  ? __mutex_unlock_slowpath+0xf8/0x6b0
[  407.411092][T18274]  _do_fork+0x257/0xfd0
[  407.415266][T18274]  ? fork_idle+0x1d0/0x1d0
[  407.419689][T18274]  ? fput+0x1b/0x20
[  407.423512][T18274]  ? ksys_write+0x166/0x1f0
[  407.428030][T18274]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  407.433507][T18274]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  407.438978][T18274]  ? do_syscall_64+0x26/0x610
[  407.443662][T18274]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  407.449735][T18274]  ? do_syscall_64+0x26/0x610
[  407.454426][T18274]  __x64_sys_clone+0xbf/0x150
[  407.459123][T18274]  do_syscall_64+0x103/0x610
[  407.463725][T18274]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  407.469622][T18274] RIP: 0033:0x4582b9
[  407.473525][T18274] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  407.493141][T18274] RSP: 002b:00007fe307654c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  407.501560][T18274] RAX: ffffffffffffffda RBX: 00007fe307654c90 RCX: 00000000004582b9
[  407.509543][T18274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  407.517521][T18274] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  407.525504][T18274] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe3076556d4
[  407.533488][T18274] R13: 00000000004be5b9 R14: 00000000004cf0c0 R15: 0000000000000005
03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220038001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:33 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:33 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x7000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:33 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:33 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:33 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220138001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x8, 0x0, 0x0, 0x0, 0x0)

03:39:34 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x8000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220039001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:34 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x11, 0x0, 0x0, 0x0, 0x0)

03:39:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220139001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:34 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x500, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1100, 0x0, 0x0, 0x0, 0x0)

03:39:34 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0xe000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x4000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:34 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x700, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:34 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1f00, 0x0, 0x0, 0x0, 0x0)

03:39:34 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x100000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:35 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:35 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x1000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x3f00, 0x0, 0x0, 0x0, 0x0)

03:39:35 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x200000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x4000, 0x0, 0x0, 0x0, 0x0)

03:39:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:35 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x2000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:35 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x300000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:35 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x7000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:36 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x3000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x400000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x20010, 0x0, 0x0, 0x0, 0x0)

03:39:36 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x4000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x500000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:36 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xe000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x5000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:36 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:36 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x20200, 0x0, 0x0, 0x0, 0x0)

03:39:36 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3f000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x7000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:36 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x700000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x80000, 0x0, 0x0, 0x0, 0x0)

03:39:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:37 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x100000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x800000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22003f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:37 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22013f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:37 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x100000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xfee00, 0x0, 0x0, 0x0, 0x0)

03:39:37 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x200000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0xe00000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:37 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220040001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:37 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1ff000, 0x0, 0x0, 0x0, 0x0)

03:39:38 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x8000000000000000, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x300000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x200000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220140001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:38 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x400000, 0x0, 0x0, 0x0, 0x0)

03:39:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220041001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:38 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x2, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x300000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x400000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220141001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:38 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x6e8000, 0x0, 0x0, 0x0, 0x0)

03:39:38 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x400000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:38 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220042001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:38 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x3, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x500000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220142001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x806e00, 0x0, 0x0, 0x0, 0x0)

03:39:39 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x500000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x4, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x700000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220043001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:39 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xee0f00, 0x0, 0x0, 0x0, 0x0)

03:39:39 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220143001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:39 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x700000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x5, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:39 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x800000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xf01f00, 0x0, 0x0, 0x0, 0x0)

03:39:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220044001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:40 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x7, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x800000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xe00000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xf0e91e, 0x0, 0x0, 0x0, 0x0)

03:39:40 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220144001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1000000, 0x0, 0x0, 0x0, 0x0)

03:39:40 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3f00000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x8000000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:40 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220045001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:41 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x8000000, 0x0, 0x0, 0x0, 0x0)

03:39:41 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0xe, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220145001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:41 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220046001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:41 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x300, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:41 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x10000200, 0x0, 0x0, 0x0, 0x0)

03:39:42 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:42 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220146001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:42 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x500, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:42 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x11000000, 0x0, 0x0, 0x0, 0x0)

03:39:42 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220047001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:42 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1ee9f000, 0x0, 0x0, 0x0, 0x0)

03:39:42 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220147001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:42 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x700, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:42 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:42 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x4}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1f000000, 0x0, 0x0, 0x0, 0x0)

03:39:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220048001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:43 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0xe00, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:43 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x5}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220148001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:43 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x1000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x3f000000, 0x0, 0x0, 0x0, 0x0)

03:39:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220049001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:43 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x300}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220149001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:43 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1b0ac20000, 0x0, 0x0, 0x0, 0x0)

03:39:43 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x2000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:43 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x300, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(0xffffffffffffffff)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:44 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x20000181}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x500, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x3000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x10000000000, 0x0, 0x0, 0x0, 0x0)

03:39:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:44 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x4000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x400000000000, 0x0, 0x0, 0x0, 0x0)

03:39:44 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(0xffffffffffffffff)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:44 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x5000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:44 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x7fc7daa15000, 0x0, 0x0, 0x0, 0x0)

03:39:44 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:45 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x7000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x4}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xc20a1b000000, 0x0, 0x0, 0x0, 0x0)

03:39:45 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
bind$inet6(0xffffffffffffffff, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(0xffffffffffffffff)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:45 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x8000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x2001000000000, 0x0, 0x0, 0x0, 0x0)

03:39:45 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x3000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x5}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:45 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x2020000000000, 0x0, 0x0, 0x0, 0x0)

03:39:45 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:46 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0xe000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x7}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x4000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgget$private(0x0, 0x104)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x8000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:46 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x100000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x8}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22004f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:46 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22014f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:46 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x200000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:46 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x50a1dac77f0000, 0x0, 0x0, 0x0, 0x0)

03:39:46 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0xe}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgget$private(0x0, 0x104)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220050001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:47 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x806e0000000000, 0x0, 0x0, 0x0, 0x0)

03:39:47 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x300000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x300}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220150001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:47 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xee0f0000000000, 0x0, 0x0, 0x0, 0x0)

03:39:47 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220051001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:47 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x100000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x400000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:47 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x500}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgget$private(0x0, 0x104)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220151001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xf01f0000000000, 0x0, 0x0, 0x0, 0x0)

03:39:48 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x500000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x700}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x200000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220052001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:48 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0xe00}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x700000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:48 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xf0e91e00000000, 0x0, 0x0, 0x0, 0x0)

03:39:48 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220152001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:48 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x300000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220053001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x100000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:49 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x800000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3f00}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x400000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220153001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:49 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x800000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:49 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220054001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:49 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x1000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x500000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:49 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0xe00000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220154001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1100000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:50 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x2000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x8000000000000000, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x700000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220055001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  424.118390][T19306] cgroup: fork rejected by pids controller in /syz1
03:39:50 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x2, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x800000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:50 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x1f00000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:50 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220155001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:51 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
msgctl$IPC_STAT(0x0, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:51 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x3, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220056001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:51 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x4000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x8000000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x3f00000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220156001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:51 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x4, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x5000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220057001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:51 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x5, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:51 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x8000000000000000, 0x0, 0x0, 0x0, 0x0)

03:39:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220157001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:51 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x7000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:51 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220058001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220158001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:52 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x8000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="226558001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:52 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0xffffffff00000000, 0x0, 0x0, 0x0, 0x0)

03:39:52 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0xe, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0xe000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220059001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:52 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:52 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220159001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:52 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x300, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:52 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3f000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:53 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x500, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f00000002c0)={<r1=>0x0, @in={{0x2, 0x4e21, @rand_addr=0x80000001}}, 0x2, 0xffffffff00000001, 0x6, 0x9, 0x10}, &(0x7f0000000080)=0x98)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000380)={r1, 0x6}, &(0x7f00000003c0)=0x8)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x80000000, 0x0, 0x0, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000280)="2ca030c3933144d76d3b3d9d26d7e5f7151eb214a7bdd3f9ef8038f3fad511f864616940aaad0095c81a872001e59ab4a057", 0x32, 0xfffffffffffffffa)
keyctl$read(0xb, r2, &(0x7f00000000c0)=""/210, 0xd2)
r3 = syz_open_dev$dspn(&(0x7f0000000400)='/dev/dsp#\x00', 0x5, 0x20000)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000440)=@assoc_value, &(0x7f0000000480)=0x8)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cachefiles\x00', 0x8200, 0x0)
ioctl$VT_GETSTATE(r4, 0x5603, &(0x7f0000000200)={0x5, 0x8, 0x1})

03:39:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:53 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x100000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:53 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x700, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x200000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x300, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$inet6(0xa, 0x0, 0x33)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000000)={0x947, {{0xa, 0x4e20, 0x10001, @ipv4={[], [], @loopback}, 0x7f}}, {{0xa, 0x4e23, 0x1, @mcast2, 0x7}}}, 0x108)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x220000, 0x0)

03:39:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:53 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0xe00, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:53 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x500, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:53 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x300000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x1000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:54 executing program 1:
r0 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x4, 0x208002)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000340)=ANY=[@ANYBLOB="0000da0000000001"])
r1 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x1, 0x600800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000280)={0x7fff, 0x2, 'client0\x00', 0x4, "8e17373a58f65a08", "25555adcd17831d1308588e6ffd1ec87c4d6f8a4137d516db8daae6f959bc347", 0xf85, 0xfffffffffffff000})
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x400000, 0x0)
ioctl$KVM_PPC_GET_PVINFO(r2, 0x4080aea1, &(0x7f0000000040)=""/250)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x40080, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$RTC_EPOCH_READ(r0, 0x8008700d, &(0x7f0000000380))
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x6685)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(r2, 0xc040565f, &(0x7f0000000140)={0x4, 0x2, 0x2, {0x4, 0x5, 0x1f, 0x9}})

03:39:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:54 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x700, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x400000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x2000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:54 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x3000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x500000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:54 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r2, &(0x7f0000000000)='trusted.overlay.upper\x00', &(0x7f0000000040)={0x0, 0xfb, 0x23, 0x2, 0x5, "494fea7c5af7779250ceda9f66f71a27", "237f691d3055876a534def743534"}, 0x23, 0x1)

03:39:55 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:55 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x700000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x4000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22005f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22015f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:55 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x3000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x800000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x5000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220060001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x400001, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000000c0)={r1, 0x10, &(0x7f0000000080)={&(0x7f0000000040)=""/32, 0x20, 0xffffffffffffffff}}, 0x10)

03:39:55 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220160001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:56 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:56 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x4000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x7000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220061001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:56 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x20)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={r1, 0x4, 0x9, r1})
getpeername$tipc(r1, &(0x7f0000000040), &(0x7f0000000080)=0x10)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x812, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r1, 0xc040563d, &(0x7f0000000100)={0x1, 0x0, 0x102, 0x4, {0xe0, 0x80, 0xfffffffffffffffa, 0x1}})

03:39:56 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0xe00000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220161001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220062001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:56 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x8000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3f00000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:56 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220162001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:57 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:57 executing program 1:
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0x35, 0xe0, &(0x7f0000000040)="e383c4bf3fe947a9e59159e25d6a4d45c1e87752eb123eb1acb52e32cf119b5abb2a7b76285af0615e73bfcd7fb5b9f5b85df3eb4d", &(0x7f0000000080)=""/224, 0x1ed}, 0x28)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4000)
ioctl$RTC_WIE_ON(r2, 0x700f)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220063001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:57 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0xe000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x8000000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x7000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220163001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:57 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0xffffffff00000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220064001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:57 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x100000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:57 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220164001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:58 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x20200, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r2, 0x0, 0x481, &(0x7f0000000200), &(0x7f0000000280)=0xc)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000000)={0x80000001, 0x4, 0x36, 0x2})
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000180)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x84000, 0x0)
ioctl$sock_inet_SIOCDARP(r3, 0x8953, &(0x7f0000000100)={{0x2, 0x4e21, @loopback}, {0x6, @random="1175ad8e0167"}, 0x20, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}, 'teql0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r3, 0x4058534c, &(0x7f0000000080)={0x0, 0x4a3e, 0x400, 0x7, 0x8, 0x100000000})
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x64031, 0xffffffffffffffff, 0x0)
read$rfkill(r3, &(0x7f0000000300), 0x8)
clone(0x20000000, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f00000002c0)=0x9, 0x4)

03:39:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220065001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x200000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x100000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220165001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="225865001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x3}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x200000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x300000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220066001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:58 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x4}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220166001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:58 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x300000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:58 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x40)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_GET_NODES(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xa00001}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x700, 0x70bd2a, 0x25dfdbfe, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008051}, 0x80)
write$P9_RRENAMEAT(r1, &(0x7f0000000000)={0x7, 0x4b, 0x2}, 0x7)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
gettid()
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000180))
ioctl$LOOP_SET_FD(r1, 0x4c00, r1)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
ioctl$sock_proto_private(r1, 0x89ec, &(0x7f0000000200)="5fd5d8d1cdbc66fc293e95064996aec4c2ac25ac81b8e438f0fea73f0033b70c666e00c5d44b416f54")
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:39:58 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x400000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220067001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220167001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:59 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x5}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x500000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x400000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220068001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:59 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:39:59 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x7}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000080)='/dev/kvm\x00'}, 0x30)
fcntl$setown(r0, 0x8, r2)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ubi_ctrl\x00', 0x200, 0x0)
write$P9_RCREATE(r4, &(0x7f0000000180)={0x18, 0x73, 0x7fff, {{0x1, 0x1, 0x5}, 0xff}}, 0x18)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x6, 0x26403f, r1, 0x0)
ioctl$KVM_ASSIGN_DEV_IRQ(r1, 0x4040ae70, &(0x7f0000000000)={0x5, 0x3, 0x80000001, 0x404})
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000040)={0x14, 0x1, 0x80000001})
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_dev$media(&(0x7f0000000100)='/dev/media#\x00', 0xffffffff, 0x800)
epoll_ctl$EPOLL_CTL_DEL(r5, 0x2, r3)

03:39:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220168001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:39:59 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x700000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x500000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:39:59 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220069001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220169001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x800000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x8}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x700000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:00 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0xe}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0xe00000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x800000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f00000004c0)={0x5000, 0x2000, 0x4, 0x3})
r3 = socket$inet6(0xa, 0x40000000000002, 0x1)
r4 = syz_open_dev$video(&(0x7f0000000040)='/dev/video#\x00', 0x7fd, 0x0)
ioctl$VIDIOC_S_PARM(r4, 0xc0cc5616, &(0x7f00000000c0)={0x9, @capture={0x0, 0x0, {0x0, 0xfdfdffffffffffff}}})
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000780)=ANY=[@ANYBLOB="0085e900e5ff00000000cce1421b060fab193624c84d126556af3f40c8522c2fd29d3bc9ff5140bc4938a97ffe761d1b1047c2bf55e53951581c684dd65d796986e45d4bcb0dc5a4d1c6f1c2b391ee759e23904dcbe3fb803219e7f01d947496d65d829ae80238e71754973de8b492e7ed2910005e2e4183d109bbd023de61ea1b578e2d3ecd92aa0fd450115a6e21c894284c8aa77a819a03774c5647d0059bb7a9dec6cb11198d4d1e529d03d5d7d7c248f954eedcd20b1b6f0ef9f73f627d099f78eaeb5c13782414b4aab1f3a86f3d514ba724f0c209caa1a74e559c0db88dbbe2dcadf4b08f87743b48a5ab2d12157551a8da1d24e94e7d623e9af4ca309cd8bfe50f8b3f5f7d650efad6ca1f42e7b71c5db80b49f1e201c0fe3dd53a516b9ed65075c2ce83a2f3f868d0c77e1c9a7c2eb3f28a9c5cf826f00f7a82e965a96020db35ed283c79ebe4f7a69afae9df63c67b4ade33393ae6ee7b3ac257f7cae86c8ec2be44f495d6e2ff01610604404289f9233f15dc594e85523d3fbe33f47a06"], 0x8)
connect$inet6(r3, &(0x7f0000002740)={0xa, 0x0, 0x0, @dev}, 0x79)
connect$inet6(r3, 0x0, 0x435)
r5 = fcntl$dupfd(r1, 0x0, r1)
sendmmsg(r3, 0x0, 0x0, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r5, 0x10f, 0x86)
r6 = syz_open_procfs(0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000280))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, 0x0, 0x0)
lstat(&(0x7f0000000300)='./file0\x00', 0x0)
getsockopt$inet6_mtu(r5, 0x29, 0x17, &(0x7f0000000500), &(0x7f0000000540)=0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
ptrace$setregset(0x4205, 0x0, 0x6, 0x0)
r7 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f00000002c0)="da89a5bd0b15a08a06bfe1c10a7f13", 0xf, 0xfffffffffffffffc)
keyctl$describe(0x6, r7, &(0x7f0000000340)=""/119, 0x77)
socket$netlink(0x10, 0x3, 0x0)
sendto$inet6(r6, &(0x7f0000000400)="65e57521b207545501088c8528eff792abeb62e4a04774572933d44e68350d688a56696d2a25d5466b685d37f0c0fcc39e11abfe814ae1e335efeaaee3d1234f7ec7b82e9a8851d6e1a633a4c38f457f71f5e5b49d494f5685ec3c0692eeb4a3ea617d97fa", 0x65, 0x20000000, &(0x7f0000000480)={0xa, 0x4e20, 0x7, @mcast2, 0x1}, 0x1c)
r8 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$negate(0xd, r7, 0xfff, r8)
fremovexattr(r0, &(0x7f0000000000)=@known='trusted.overlay.nlink\x00')
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x8000, 0x0, 0x0, 0x0, 0x0)

03:40:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:00 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x8000000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:00 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x300}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x8000000000000000, 0x0, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:01 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:01 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x500}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:01 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
ioctl$int_out(r1, 0x5462, &(0x7f0000000000))
clone(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='wlan0\x00')

03:40:01 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x2, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:01 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x700}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x4}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x3, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:01 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x8, 0x123803)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8)

03:40:02 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:02 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0xe00}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x300}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:02 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x20024400, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
r2 = getuid()
getgroups(0x4, &(0x7f0000000040)=[0x0, <r3=>0xffffffffffffffff, 0xee01, 0xee00])
write$FUSE_ENTRY(r1, &(0x7f0000000080)={0x90, 0xffffffffffffffda, 0x3, {0x6, 0x2, 0x0, 0x0, 0x6, 0xff, {0x1, 0x0, 0x9, 0x9, 0x3, 0x400, 0x200, 0x0, 0x8001, 0x400, 0x81, r2, r3, 0x9, 0x2}}}, 0x90)

03:40:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:02 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x3f00}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22006f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:02 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x5, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x20000181}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:02 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22016f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:03 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:03 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x1000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220070001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:03 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x7, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220170001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:03 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x2000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x8, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220071001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:03 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:03 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x3000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40000, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000040)={0x7ff, <r2=>0x0, 0x10001, 0x101})
ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000080)={r2})

03:40:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220171001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:04 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x4}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0xe, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x4000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220072001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:04 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x5000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220172001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:04 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x5}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x300, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x6, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:05 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:05 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x7000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220073001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:05 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x7}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x500, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x10000, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220173001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:05 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220074001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:05 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x8000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x700, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x8}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:05 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f00001dd000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="66baf80cb8d03dd685ef66bafc0cb80c000000efc463716a7600858f09a096062e440fc72a66b8be008ee866b814018ee066410f38816063cfc4427d35e5440f380bb71e2c0000", 0x47}], 0x1, 0x8, &(0x7f0000000100)=[@cr0={0x0, 0x40000001}], 0x1)

03:40:06 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0xe000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220174001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:06 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0xe00, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x300}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x151240, 0x0)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f00000000c0)={0x1, 0xff})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x2, 0x80000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r3, 0xc0bc5310, &(0x7f0000000100))
ioctl$UI_GET_SYSNAME(r3, 0x8040552c, &(0x7f00000001c0))
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, r0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000200)=<r4=>0x0)
fcntl$setown(r2, 0x8, r4)
connect$vsock_dgram(r3, &(0x7f0000000040)={0x28, 0x0, 0xffffffff}, 0x10)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220075001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:06 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x3f000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x1000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220175001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:06 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x500}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x4)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000140))
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xffffffffffffffe1, 0x60003)
write$P9_RSTATFS(r2, &(0x7f0000000040)={0x43, 0x9, 0x1, {0x0, 0x0, 0xffff, 0x8, 0x202, 0x6, 0x6, 0x5, 0x80000000}}, 0x43)
poll(&(0x7f00000000c0)=[{r2, 0x6dc7bbede70f8e5b}, {r2, 0x10}, {r2, 0x90}, {r0, 0x400}, {r0, 0x48}], 0x5, 0x3)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220076001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:06 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x100000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x700}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x2000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r3 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r3, 0x2, &(0x7f00000003c0)=""/10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r5, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r4)
socket(0x19, 0x80802, 0x7)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r6, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:06 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220176001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:06 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x200000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:06 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x704, 0x1000)
ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000040)=0x7)
r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x5, 0x40)
ioctl$IMGETCOUNT(r2, 0x80044943, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)

03:40:06 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x1000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x3000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220077001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:07 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x300000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220177001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x4000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x2000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 1:
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x2)
getsockopt$inet_tcp_int(r0, 0x6, 0x7, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_dccp_int(r0, 0x21, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0x4)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x2)
ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f00000000c0))
clone(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

03:40:07 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:07 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x400000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220078001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:07 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x5000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x3000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:07 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x3d, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:07 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220178001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x500000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220079001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:08 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x4000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x7000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220179001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:08 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:08 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, r1, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x700000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:08 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x5000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x8000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:08 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017a001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:08 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x800000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:09 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0xe000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x7000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x10100000000, 0x400000)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0xd00, 0x70bd2c, 0x25dfdbff, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x8001}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x40000)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:09 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017b001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:09 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0xe00000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x100000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x8000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 1:
r0 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x80800, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}, 0x0, @in=@initdev}}, &(0x7f0000000140)=0xe8)
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x8, 0x6, @broadcast}, 0x14)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017c001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:09 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x3f00000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x100000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x200000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:09 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:10 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:10 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017d001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:10 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x8000000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x300000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x200000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:10 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0xffffffff00000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017e001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:10 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x400000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x300000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x0, 0x2}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:10 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x7fff, 0x600000)
ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000080)={0x2, 0x0, [{}, {}]})
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xffffffffffffffe0, 0x101000)
ioctl$UI_SET_PROPBIT(r2, 0x4004556e, 0xc)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:10 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="77a00b9680537a41938f9f64bc24b84d3aa678f7b01e307aa6dd7d9f1b7ca1e881c4efd1651bf13337700900000069eac8b200763b1c30c8f9006dedd205db1d2cd0d1d6d0e0e3f8070076e68cfc33c8920959b49e968607eaa70aa52c03ee4d267f4479261c9beed78c1d4ee74324dd8aac1dcd7a9132b3d4510300000000000000f37466348f4801ca1820e3db0de7495e1a7b421e615e19c9367987eaa8aa691ec1c1968d02e8d06920d0b1d6a26c3d6f29548d1c60cbfcf2f0a6b3f0d6b362cc956a845580491162bac2c593424d343151cb03e92d1c0499baca2aa8b98c9f42de8575079c2b74b0676465bad782b208f48dbb74d3da569c94ba06febf84769dce3d8f6ed5e601cf30ec16caf92b224dbcba6cb9e2108e9b5c542d32c49947cbe749dcd75f1c01a323703ca7cfbe663f1b51db084fce76eb33990cae43499ef87409310001da4841ef5a2506f84f70d9be484502609dbbab0cff3d5d62e3189ad61203425b8e8a8688c1cf44a967112ca657318cbb10f494156ee791eeff9cb51308c9c02f0cfc9bfb3689f5fbede8078f1c7490987dc84e6e61864ac56d3ebbc0332bf98e9156b1608e9c86dc344dca4f0f97f7607418a200d34a9cb78313b3f6656d2587ea5f070bc1f5d21165dd7a5755713f538cc8cb7e2a5ae90000000000000000000000009fc53564a008e637e071fd81b04fdbcd0b82eec8e4b9c2513d4a2fe32203755966bfe24cbb75b796ffff8e2267e40b481d51f83bdd74db2c48d9697ed1c68ce4ff74acb2a1b0f417f5e345cc8a1329117e416fb4d5fac32a39c8b4c8d49028d1f2d3a7a7b63e400c42c3c7fafc70f804de749f4aeb9a2a1d7d0ba9eea1110a5727d62cbb7dc9c9cf90728d0d88066773e5e5048716f4c2b041fecffe1f8be7aa70674ae789df90ba0f42308088a359668b41ab5dc4984a9592b4e79f192b747725abaad6046eafcb8412c89bc12cdaa09f62c585c2a486641b3ac6d8e9be50db93306b4b8b6806b6536c7ed8f1"], 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:10 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22007f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x500000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="22017f001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x400000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 0:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x0, 0x0, 0x3}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220081001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
gettid()
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/\x00\x00\x00\x00')
fstat(r0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
fchown(r0, 0x0, r1)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x608401)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={'bond_slave_0\x00\x0e\x00'})
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={'bond_slave_0\x00\x00\x00\x02', {0x2, 0x0, @local}})
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'nr0\x00', {0x2, 0x0, @multicast1}})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vga_arbiter\x00', 0x208240, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x400, 0xc8ccd46eb7efdb73)
pkey_alloc(0x0, 0xffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0)
r4 = msgget$private(0x0, 0x104)
msgctl$IPC_STAT(r4, 0x2, &(0x7f00000003c0)=""/10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, &(0x7f0000000280), 0x0, 0x20000004, 0x0, 0x0)
close(r5)
socket(0x19, 0x80802, 0x7)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00')
preadv(r7, &(0x7f0000000480), 0x10000000000001ed, 0x0)

03:40:11 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x700000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220181001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x500000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0xc0100, 0x0)
ioctl$IMHOLD_L1(r1, 0x80044948, &(0x7f0000000080)=0x2)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64032, 0xffffffffffffffff, 0x0)
clone(0x0, 0x0, 0x0, 0x0, 0x0)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220082001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 4:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x4000000, 0x0, 0x0, 0x0, 0x800000000000000, r0, &(0x7f0000000180)="88", 0x1}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 3:
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001700)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)="88", 0x1, 0x700000000000000}])
io_destroy(r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
tkill(r2, 0x1000000000016)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220182001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

03:40:11 executing program 2:
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000480)="220083001e00070700be5bcea13e07010af000a3baf9d825d08ced685bf41e0058c9", 0x22)

[  608.571706][ T1040] INFO: task syz-executor.0:23868 blocked for more than 143 seconds.
[  608.579804][ T1040]       Not tainted 5.1.0-rc3+ #55
[  608.585165][ T1040] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  608.593895][ T1040] syz-executor.0  D29632 23868   7806 0x00000004
[  608.600317][ T1040] Call Trace:
[  608.603673][ T1040]  __schedule+0x817/0x1cc0
[  608.608099][ T1040]  ? trace_hardirqs_off+0x62/0x220
[  608.613609][ T1040]  ? kasan_check_read+0x11/0x20
[  608.618644][ T1040]  ? __sched_text_start+0x8/0x8
[  608.623653][ T1040]  ? __lock_acquire+0x548/0x3fb0
[  608.628607][ T1040]  schedule+0x92/0x180
[  608.632733][ T1040]  schedule_timeout+0x8ca/0xfd0
[  608.637577][ T1040]  ? wait_for_completion+0x294/0x440
[  608.642943][ T1040]  ? find_held_lock+0x35/0x130
[  608.647745][ T1040]  ? usleep_range+0x170/0x170
[  608.652759][ T1040]  ? kasan_check_write+0x14/0x20
[  608.657717][ T1040]  ? _raw_spin_unlock_irq+0x28/0x90
[  608.663046][ T1040]  ? wait_for_completion+0x294/0x440
[  608.668344][ T1040]  ? _raw_spin_unlock_irq+0x28/0x90
[  608.673651][ T1040]  ? lockdep_hardirqs_on+0x418/0x5d0
[  608.678998][ T1040]  ? trace_hardirqs_on+0x67/0x230
[  608.684150][ T1040]  ? kasan_check_read+0x11/0x20
[  608.689094][ T1040]  wait_for_completion+0x29c/0x440
[  608.694259][ T1040]  ? wait_for_completion_interruptible+0x4b0/0x4b0
[  608.700809][ T1040]  ? wake_up_q+0xf0/0xf0
[  608.705126][ T1040]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  608.711569][ T1040]  ? kasan_check_read+0x11/0x20
[  608.716427][ T1040]  __x64_sys_io_destroy+0x373/0x420
[  608.721853][ T1040]  ? __x32_compat_sys_io_setup+0x410/0x410
[  608.727899][ T1040]  ? do_syscall_64+0x26/0x610
[  608.732707][ T1040]  ? lockdep_hardirqs_on+0x418/0x5d0
[  608.738016][ T1040]  ? trace_hardirqs_on+0x67/0x230
[  608.743223][ T1040]  do_syscall_64+0x103/0x610
[  608.747827][ T1040]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  608.753833][ T1040] RIP: 0033:0x4582b9
[  608.757728][ T1040] Code: 42 08 48 89 04 24 e8 c6 ee fc ff 48 8b 6c 24 08 48 83 c4 10 c3 e8 07 1c 00 00 eb c5 cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff <48> 3b 61 10 0f 86 9b 00 00 00 48 83 ec 28 48 89 6c 24 20 48 8d 6c
[  608.777657][ T1040] RSP: 002b:00007f0886886c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000cf
[  608.786207][ T1040] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004582b9
[  608.794283][ T1040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f0886866000
[  608.803007][ T1040] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  608.811025][ T1040] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f08868876d4
[  608.819789][ T1040] R13: 00000000004bf3f1 R14: 00000000004d1148 R15: 00000000ffffffff
[  608.827865][ T1040] 
[  608.827865][ T1040] Showing all locks held in the system:
[  608.835741][ T1040] 1 lock held by khungtaskd/1040:
[  608.840800][ T1040]  #0: 00000000cd6d71f9 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e
[  608.850912][ T1040] 1 lock held by rsyslogd/7678:
[  608.856270][ T1040]  #0: 000000009266920c (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110
[  608.865181][ T1040] 2 locks held by getty/7768:
[  608.870201][ T1040]  #0: 000000002001cb86 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.879707][ T1040]  #1: 00000000d1ef809f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  608.889706][ T1040] 2 locks held by getty/7769:
[  608.894597][ T1040]  #0: 00000000b7dab613 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.903786][ T1040]  #1: 000000000a0b0adf (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  608.913419][ T1040] 2 locks held by getty/7770:
[  608.918190][ T1040]  #0: 0000000015960b29 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.927422][ T1040]  #1: 0000000035006d2b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  608.937774][ T1040] 2 locks held by getty/7771:
[  608.942633][ T1040]  #0: 00000000893d2fd9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.951692][ T1040]  #1: 0000000087fd5f7a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  608.961482][ T1040] 2 locks held by getty/7772:
[  608.966273][ T1040]  #0: 00000000ffdc93c5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.975472][ T1040]  #1: 000000004c4eb143 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  608.985094][ T1040] 2 locks held by getty/7773:
[  608.989765][ T1040]  #0: 00000000437b4437 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  608.998817][ T1040]  #1: 000000007fbfcca3 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  609.008569][ T1040] 2 locks held by getty/7774:
[  609.013321][ T1040]  #0: 00000000eb457538 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40
[  609.022328][ T1040]  #1: 000000008ed38f58 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70
[  609.032383][ T1040] 
[  609.034719][ T1040] =============================================
[  609.034719][ T1040] 
[  609.043479][ T1040] NMI backtrace for cpu 1
[  609.047921][ T1040] CPU: 1 PID: 1040 Comm: khungtaskd Not tainted 5.1.0-rc3+ #55
[  609.055823][ T1040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  609.066859][ T1040] Call Trace:
[  609.070193][ T1040]  dump_stack+0x172/0x1f0
[  609.074541][ T1040]  nmi_cpu_backtrace.cold+0x63/0xa4
[  609.080482][ T1040]  ? lapic_can_unplug_cpu.cold+0x38/0x38
[  609.086322][ T1040]  nmi_trigger_cpumask_backtrace+0x1be/0x236
[  609.092502][ T1040]  arch_trigger_cpumask_backtrace+0x14/0x20
[  609.098403][ T1040]  watchdog+0x9b7/0xec0
[  609.102619][ T1040]  kthread+0x357/0x430
[  609.106694][ T1040]  ? reset_hung_task_detector+0x30/0x30
[  609.112427][ T1040]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  609.118765][ T1040]  ret_from_fork+0x3a/0x50
[  609.123344][ T1040] Sending NMI from CPU 1 to CPUs 0:
[  609.128953][    C0] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x2/0x10
[  609.129881][ T1040] Kernel panic - not syncing: hung_task: blocked tasks
[  609.144279][ T1040] CPU: 1 PID: 1040 Comm: khungtaskd Not tainted 5.1.0-rc3+ #55
[  609.151957][ T1040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  609.162025][ T1040] Call Trace:
[  609.165445][ T1040]  dump_stack+0x172/0x1f0
[  609.169827][ T1040]  panic+0x2cb/0x65c
[  609.173878][ T1040]  ? __warn_printk+0xf3/0xf3
[  609.178474][ T1040]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  609.184210][ T1040]  ? printk_safe_flush+0xf2/0x140
[  609.189427][ T1040]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  609.195763][ T1040]  ? lapic_can_unplug_cpu.cold+0x38/0x38
[  609.201402][ T1040]  ? nmi_trigger_cpumask_backtrace+0x1a7/0x236
[  609.207703][ T1040]  ? nmi_trigger_cpumask_backtrace+0x19e/0x236
[  609.214108][ T1040]  watchdog+0x9c8/0xec0
[  609.218545][ T1040]  kthread+0x357/0x430
[  609.222634][ T1040]  ? reset_hung_task_detector+0x30/0x30
[  609.228277][ T1040]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[  609.234559][ T1040]  ret_from_fork+0x3a/0x50
[  609.239939][ T1040] Kernel Offset: disabled
[  609.244276][ T1040] Rebooting in 86400 seconds..