x8000, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0x14)
r2 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, 0x0, 0x0)
clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000300)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000200)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000340)=ANY=[])
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
rt_tgsigqueueinfo(r4, r4, 0x16, &(0x7f0000000100))
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000001c0)={0xe566, <r5=>0x0, 0x10001, 0x100})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000240)={r5, 0x401})
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0)
setfsuid(0x0)
ptrace(0x4207, r4)
ptrace(0x8, r4)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r2, 0x0, 0x1004000, 0xfffffffff0003000})
syz_open_dev$usbmon(0x0, 0x0, 0x2203)
setpriority(0x1, 0x0, 0x3)

18:24:27 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000800)='/dev/cuse\x00', 0x2, 0x0)
r5 = syz_open_dev$vcsn(&(0x7f0000000840)='/dev/vcs#\x00', 0x0, 0x400000)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000880)={0x2, 0x0, [{}, {}]})
getsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000900), &(0x7f0000000940)=0x6)
setsockopt$TIPC_CONN_TIMEOUT(r5, 0x10f, 0x82, &(0x7f0000000980)=0x2, 0x4)

18:24:27 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sysinfo(&(0x7f00000007c0)=""/154)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f00000001c0)='cgroup.subtree_control\x00', 0x2, 0x0)
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f00000004c0)=""/147)
write$cgroup_subtree(r1, &(0x7f0000000180), 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="2d706d7320828215b2944a09af46321c81e002c56c9ad3cf2300b596a469ddcde111"], 0x6)
accept4$inet(0xffffffffffffffff, &(0x7f0000000440)={0x2, 0x0, @remote}, &(0x7f0000000480)=0x10, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e)

18:24:27 executing program 2:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vsock\x00', 0x402000, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000880)='/dev/autofs\x00', 0x60000, 0x0)
ioctl$SCSI_IOCTL_GET_IDLUN(0xffffffffffffffff, 0x5382, 0x0)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
add_key(0x0, &(0x7f0000000600)={'syz', 0x2}, &(0x7f00000002c0), 0x0, 0xfffffffffffffffc)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={'syz'}, &(0x7f0000000240)='X', 0x1, 0xfffffffffffffffe)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = creat(&(0x7f0000000400)='./file0\x00', 0x0)
write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00')
sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0x4010)
write$FUSE_ATTR(r0, 0x0, 0x0)
clone(0x20002103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$VIDIOC_G_FBUF(0xffffffffffffffff, 0x8030560a, 0x0)
mount(&(0x7f0000000040)=@nullb='::,\n\nnullb:\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='ceph\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_RM_MAP(r1, 0x4028641b, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, 0x40, 0x5, 0x80, &(0x7f0000ffd000/0x2000)=nil, 0x8001})

18:24:27 executing program 1:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x4, 0x8002)
syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x40200)
ioctl$SIOCRSSCAUSE(r0, 0x89e1, &(0x7f0000000100)=0x6)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x4001ff)
clock_gettime(0x0, &(0x7f0000000300)={<r2=>0x0, <r3=>0x0})
clock_nanosleep(0x0, 0x1, &(0x7f00000000c0)={r2, r3+30000000}, 0x0)

[  214.223054][ T8404] misc userio: Invalid payload size
18:24:27 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$sock_ax25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@bcast, @rose, 0x0, [@default, @null, @remote, @default, @netrom, @netrom, @remote, @rose]})
geteuid()

18:24:27 executing program 5:
openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r0 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', <r1=>0x0})
connect$packet(r0, &(0x7f00000002c0)={0x11, 0xd, r1, 0x1, 0x8000, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0x14)
r2 = syz_open_dev$admmidi(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, 0x0, 0x0)
clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000300)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x200000, 0x0}, &(0x7f0000000200)="5f39203a1ec6", 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000340)=ANY=[])
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = getpid()
rt_tgsigqueueinfo(r4, r4, 0x16, &(0x7f0000000100))
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000001c0)={0xe566, <r5=>0x0, 0x10001, 0x100})
ioctl$DRM_IOCTL_AGP_UNBIND(r2, 0x40106437, &(0x7f0000000240)={r5, 0x401})
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, 0x0)
setfsuid(0x0)
ptrace(0x4207, r4)
ptrace(0x8, r4)
ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000000)={r2, 0x0, 0x1004000, 0xfffffffff0003000})
syz_open_dev$usbmon(0x0, 0x0, 0x2203)
setpriority(0x1, 0x0, 0x3)

18:24:27 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000800)='/dev/cuse\x00', 0x2, 0x0)
syz_open_dev$vcsn(&(0x7f0000000840)='/dev/vcs#\x00', 0x0, 0x400000)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000880)={0x2, 0x0, [{}, {}]})
getsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000900), &(0x7f0000000940)=0x6)

18:24:27 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00001bf000/0x1000)=nil, 0x1000, 0x0, 0x4011, r1, 0x0)
munmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r2, 0x8916, &(0x7f0000000080)="153f6234378dd25d766070")
r3 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x4})
r4 = dup2(r3, r3)
setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f0000000300)=0x1, 0x4)
r5 = epoll_create(0x20)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000400)={0x40000000})
ioctl$RTC_ALM_SET(r4, 0x40247007, &(0x7f0000000140)={0x34, 0x24, 0x9, 0x12, 0xb, 0x8, 0x5, 0x161})
getsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000180), &(0x7f0000000200)=0xfffffffffffffd86)
getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f0000000540)={'filter\x00', 0x0, 0x4, 0x4c, [], 0x6, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}], &(0x7f00000004c0)=""/76}, &(0x7f00000005c0)=0x78)
mq_timedsend(r3, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000e0b000))
mq_timedsend(r3, &(0x7f0000000240)="3440792164e3b31be80c2f5094ac7a2951b0244e746a053d411f9adb4f5c273e65367b9b89f4d34796661cd7635a857e1aaa3f1c174ff3528fe3a20ae6eb095aceb259f797959bc9aa878cb271b4edefc1419c87f1f0f35f93744d16846d8c213e3810da0c40f9187510433502e2ab5fa3d5bd9433c5f1662dfb871d25c64c7e30f38a3a96a5259ffd57830695a04dd2d5e7a9efb19633dcbb8a5fe6f699a5291a0f7ccdfa994246b67ae021523da1b545f61e5c67c7a8f2b0d48428", 0xbc, 0x5, &(0x7f00000001c0))
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f0000000380)=<r6=>0x0)
mq_notify(r3, &(0x7f00000003c0)={0x0, 0xe, 0x4, @tid=r6})
ioctl$int_out(r3, 0x0, &(0x7f00000006c0))
futex(&(0x7f0000000180), 0x8c, 0x1, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0), 0x0)
ppoll(&(0x7f0000000040)=[{r5, 0x8000}, {r5}, {r3, 0x200}, {r5, 0x24d0}], 0x4, &(0x7f00000000c0)={0x0, 0x1c9c380}, &(0x7f0000000100)={0x3063}, 0x8)
mq_timedsend(r4, &(0x7f0000000600)="b3eaddbd268653831f050c6c99ff5455741ae7e04e548641b4a0ebf55e4ba74455a2996adde572137b644c81ccf558ea483a0c6eda15c3cd626da99f9584aab452a23341537010ac342875b8088fb86ec187f7f2d6b31422428c44391f62aee87efdccb02a6df41c701e20117ea8db38174f9e130dc8190a1fe1fa2b6b479234f4fbe5bbee08622c7518f0ed8d499fcb0fd8", 0x92, 0x18000000000, 0x0)
openat$cgroup_int(r4, &(0x7f0000000740)='cgroup.max.descendants\x00', 0x2, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000340)='/dev/urandom\x00', 0x40, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0xfffffffffbffffff)
r7 = inotify_init()
getitimer(0x1, &(0x7f0000000700))
inotify_add_watch(r7, &(0x7f0000000200)='./file0\x00', 0x80000005)

[  214.482898][ T8428] libceph: resolve '
[  214.482898][ T8428] 
[  214.482898][ T8428] nullb' (ret=-3): failed
[  214.494951][ T8436] misc userio: Invalid payload size
[  214.512121][ T8428] libceph: parse_ips bad ip '::,
[  214.512121][ T8428] 
[  214.512121][ T8428] nullb'
18:24:27 executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x400000000000005, 0xff, 0x4, 0x8000000001}, 0x2c)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x80)
getsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f0000000100), &(0x7f0000000140)=0x4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0}, 0x2c)
setsockopt$inet_dccp_int(r1, 0x21, 0x15, &(0x7f00000001c0)=0x20, 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000200)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000fef000/0x11000)=nil, 0x4000, 0x1})
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r0, &(0x7f0000000380)}, 0x10)

18:24:27 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000800)='/dev/cuse\x00', 0x2, 0x0)
syz_open_dev$vcsn(&(0x7f0000000840)='/dev/vcs#\x00', 0x0, 0x400000)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000880)={0x2, 0x0, [{}, {}]})

18:24:27 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$sock_ax25_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000180)={@bcast, @rose, 0x0, [@default, @null, @remote, @default, @netrom, @netrom, @remote, @rose]})

[  214.642575][ T8450] misc userio: Invalid payload size
18:24:28 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000800)='/dev/cuse\x00', 0x2, 0x0)
syz_open_dev$vcsn(&(0x7f0000000840)='/dev/vcs#\x00', 0x0, 0x400000)

18:24:28 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x200600)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="c96dfd37e3bff9e57bed73b689049604fe091747ec5aafc7d117fa42640ee4c4b6203a1dbc66ea", 0x27, 0xfffffffffffffffe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100068, 0x500001c)
prctl$PR_SET_UNALIGN(0x6, 0x2)

18:24:28 executing program 2:
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x200, 0x0)
ioctl$VIDIOC_G_JPEGCOMP(r2, 0x808c563d, &(0x7f00000001c0))
signalfd(r1, &(0x7f0000000100)={0x3}, 0x8)
shutdown(r1, 0x1)
read(r0, &(0x7f0000000000)=""/200, 0xc8)

18:24:28 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000000)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffd5}, [@ldst={0x7, 0x1, 0x3, 0x0, 0x7a}]}, &(0x7f0000003ff6)='syzkaller\x00', 0x200000000005, 0xc3, &(0x7f00000001c0)=""/195}, 0x48)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, 0x20)
ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000080)={0x10000, 0x8, 0x8, 0x2, 0x3})
geteuid()
ioctl$TCGETS(r0, 0x5401, &(0x7f0000000100))
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000180)={&(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x8, 0x8, 0x7})

[  214.828786][ T8464] misc userio: Invalid payload size
[  214.883357][ T8466] Unknown ioctl -2138286531
18:24:28 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000800)='/dev/cuse\x00', 0x2, 0x0)

18:24:28 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)

[  214.925647][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  214.925663][   T26] audit: type=1804 audit(1552501468.216:31): pid=8471 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100617358/syzkaller.eJ15BD/18/memory.events" dev="sda1" ino=16556 res=1
18:24:28 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  215.007871][ T8477] misc userio: Invalid payload size
18:24:28 executing program 5:
prlimit64(0x0, 0x0, 0x0, 0x0)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ppp\x00', 0x0, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x255)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$TIPC_MCAST_BROADCAST(r1, 0x10f, 0x85)
ioctl$EVIOCGPROP(r0, 0xc004743e, 0x0)
waitid(0x0, 0x0, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)

18:24:28 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)
ioctl$void(r1, 0xc0045c78)

18:24:28 executing program 5:
syz_open_dev$midi(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$binfmt_aout(r1, &(0x7f0000000880)=ANY=[@ANYBLOB="0000000000000000000008000000000000000000001c3adde6963809aa0000004e2311b580fbf902bf40e2ce65d65659f358dc1ab7332d0ef55ec29338a0ddbe9f63e9b1a3b4f903a608e2d94fcadcb572c54f42bb8e0d7de02d9bf674a2d8fa246a1f227968631ceeb7bd438081598f12acde6552e66775835a7942f46e9620353f00000000000000fc533e4c9b59e1118a6c831c623622c8c104000000a30036d4f4443a273f0e0900ff00eb19b4edc7de34de39230ab02c89bc39f65ba52646a67b733958a03cebaa7c45dcf82769f26a9e83bfaa7f10267ea8db37d2807e8b3665095ea9d25a600ee289107059ebeb5c8a05c509fed4413241312d370d55c3e10490b16f4270591df2a28433d44002c36a69e6adb2f4874f7f0352bce603bfcd18af4dffe463"], 0x128)
perf_event_open(&(0x7f0000000800)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000300)={{0x15001, 0x4, 0x0, 0x7f, 0x47, 0x7f, 0x5, 0x7, 0x3, 0x1, 0x81, 0x8f9a}, {0x2000, 0x5000, 0x10, 0x3ff, 0x8, 0xffff, 0x2a6f, 0x0, 0x20, 0x8, 0x0, 0x10001}, {0x0, 0x5000, 0xf, 0x2, 0x3, 0x1f, 0x8, 0x3, 0x0, 0xffffffff, 0x5, 0x4ae1}, {0xf001, 0x5004, 0xf, 0xfffffffffffffbff, 0x5d1, 0x101, 0x2, 0x10000, 0x1, 0x8001000, 0x3, 0x100000000}, {0x10f001, 0x4000, 0xa, 0x173, 0x9, 0x5, 0x101, 0x3, 0x7, 0x1f, 0xffffffff, 0x5}, {0x5000, 0xf003, 0xf, 0x1, 0x8, 0x8, 0x2f, 0x0, 0x0, 0x1000, 0x7fffffff, 0x90}, {0x1001, 0xf002, 0x9, 0x30, 0xffff, 0x2, 0x10, 0xd7, 0x7fffffff, 0x7b5, 0x1000, 0x3ff}, {0x4000, 0x13000, 0xd, 0xa05, 0x4, 0x6, 0xffffffffffffffff, 0x9, 0x200, 0x2, 0xfffffffffffff000, 0x8}, {0x2000, 0xd000}, {0x0, 0x1f000}, 0x1, 0x0, 0x0, 0x502200, 0x7, 0x0, 0x4, [0x1, 0x898, 0x800, 0x4]})
sendfile(r1, r1, &(0x7f0000000000), 0x8080fffffffe)

18:24:28 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)

[  215.237636][ T8495] misc userio: Invalid payload size
18:24:28 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)
ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead)

[  215.438423][ T8512] misc userio: Invalid payload size
18:24:28 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  215.670818][ T8518] Unknown ioctl -2138286531
[  215.697578][   T26] audit: type=1804 audit(1552501468.986:32): pid=8468 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir100617358/syzkaller.eJ15BD/18/memory.events" dev="sda1" ino=16556 res=1
18:24:29 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/hwrng\x00', 0x24000, 0x0)

18:24:29 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:29 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:29 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x200600)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="c96dfd37e3bff9e57bed73b689049604fe091747ec5aafc7d117fa42640ee4c4b6203a1dbc66ea", 0x27, 0xfffffffffffffffe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x2da8020000100068, 0x500001c)
prctl$PR_SET_UNALIGN(0x6, 0x2)

18:24:29 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  215.867318][   T26] audit: type=1804 audit(1552501469.156:33): pid=8468 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100617358/syzkaller.eJ15BD/18/memory.events" dev="sda1" ino=16556 res=1
[  215.892882][   T26] audit: type=1800 audit(1552501469.156:34): pid=8468 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.1" name="memory.events" dev="sda1" ino=16556 res=0
[  215.960667][ T8529] misc userio: Invalid payload size
18:24:29 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000780)=0x3ff)

[  216.113602][   T26] audit: type=1804 audit(1552501469.406:35): pid=8532 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir100617358/syzkaller.eJ15BD/19/memory.events" dev="sda1" ino=16590 res=1
18:24:29 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:29 executing program 5:
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2)
ioctl$LOOP_SET_CAPACITY(r0, 0x4c07)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000005c0)='limits\x00')
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000780)={&(0x7f0000000540), &(0x7f0000000580)=[0x0], 0x0, 0x0, 0x0, 0x1})
preadv(r1, &(0x7f0000000480), 0x1000000000000237, 0x0)
ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f00000000c0)=""/154)

[  216.213436][ T8543] misc userio: Invalid payload size
18:24:29 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:29 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"8b435001eddbf769c7ae726fbf82ebd63ae403a6f457e61f3a822c5ae3bba5b5f05c454dce2ef536f7d3865d9447096dc2ac5e6509394a674bd86d5ef982dd5b105346279fc1e0374622e7fdbd93a43e21fec0cb16343a214002141e71d2661998d4faeaf36e5dd10d0417e84773add5938aea9d957f21a09dc01656841aa59bdf3b357f82e71ab779731aaa9f7efe02c3816a3c09c10a99f5a2fc274528063fffb6c1245357b457e73b8909a1f22a650fc4b95d0246939182cb226dfaf0a2be7438ac24cb30322e24b498f43fc94e7130e7d999fb5e4adeed78b551c99b9649fa36e541672290633de345398f6569801dc0901c77004c13fff47b022de366f1ae3e150f6ae3373c901d0b1e15661fcbc12e000a0c36bd643d1798292905a90a99600579e29d22efa28aace2ed3be861ab07ed45af70366c7783ecdb974fa111a36fe99f9656f10db9f8f210c73058dd4955ea4368fbddb31affeed28c670a41c7662d1ebd45dfebddeb429ac6fd92aa2c7ffeb5d5774d71d09ae245f5f16549e5161c98829bd9e94b1bcb49cf46b60a2babab1ed29241971f2e06a0f6654aa8a186514ba317c8dcfa8d739e58e8165fce9163f7c16db2898364216f01ace5fcbf032410858ce3af0cd3cddd953ca597b9ea43db9ef1d9a4ce05690982e0b78baac70d22b37c10297b38863243a50ac44265f7966998d6cbe89d0986e5c3eaf880e5e2307355ec0981a6fda94b2fa394cba2bf60aaca20aa944bc58ee68f8915b9bf705974c5921345d6a151e7b0e923799afef3e12ef894ef16d0de2f77b775fa600c27e9b6a7ba52512e91c543e1897fade68b806e0cd934902e3929b6a7e3219957d81f6064a5618c6fad54783e4425ca0d2176a4651a6d0a4526566cb3830772cdcce4cbae444557f8778dff5e28f5437b26d1cc0225c2b87ac5cbaca1c75e71d24bdfb3ca87ba072cc3339ba36ca66251687fdd3808df0face571be01ae34c97b57661f3ebf8e9b4c68e3af827987a9a1b990a62c8170222a51f73ad785d3ef6ac5c2b9a85218e8b0098781e37b0d140316e4bd1506cb7860cb5b4ae4097a03894bee1defbd0672a7aa780f29f9bc3a43e57607e76fd5a313f899eeed18cc78c78b90dcf9455f2d3f04573501b9fc93596cb7bfa4808bfa276bec7df9e35a5fdb66167191367835505f4399f8d4368a7c832836c9a6afce535c742c3590c894bc516eb7aa9df63fae44a04981681122a4630fddc4a2bcfab698b3fe83d7a52a44efbf989407a419ec33623ecd5e8af5b87c3d1a3725c832328fc62e110297dee2127dc3d9bc1eb5c941f5238aea1d49b53b47bd66e487a9dab92b3ddc6bd3d4800eae5ec916f422a972e303692e2e327e51ceb4900f5a70e1425a48f8688fa44224556a90779c3c6cf998ae4502307f0d3d580351c8811e89a76ed22984"})

18:24:29 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r2, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/5, 0x5}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)

[  216.425447][ T8555] misc userio: Invalid payload size
18:24:29 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x37)
sendto$inet6(r2, 0x0, 0xffffffffffffff97, 0x20000003, &(0x7f0000000140)={0xa, 0x4e22, 0xfff}, 0x1c)
sched_getattr(0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x1da)
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000240))
set_thread_area(0x0)
openat$cgroup_procs(r2, &(0x7f0000000180)='cgroup.threads\x00', 0x2, 0x0)
close(r2)
r4 = accept4(r3, 0x0, &(0x7f0000000400), 0x80800)
recvmmsg(r2, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0xfe64, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/212}], 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f00000000c0)="12ffd0a2c74eb2a4239037911fee9addebddb35db0f996eb3b80605a30ff503d06c5636fa7c0dbf2cc8f38e3e7f824c3d8816eae333796a2b8be41c48c16e09c368cdb81c7e39d5be60fff685a685fcd08796ac481a3e00d30482bb8")
fsetxattr$trusted_overlay_origin(r4, &(0x7f00000001c0)='trusted.overlay.origin\x00', &(0x7f0000000200)='y\x00', 0x2, 0x3)

18:24:29 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
connect(r1, &(0x7f0000985ff8)=@un=@abs={0x1}, 0x8)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:29 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000340)={0x0, 0x101}, 0x2)

18:24:29 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r2, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/5, 0x5}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)

[  216.732913][ T8579] misc userio: Invalid payload size
18:24:30 executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0xf, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x7, 0x7, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0xffffffffffffffff, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x80, 0x0)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getuid()
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0xa084, &(0x7f0000000240)=ANY=[@ANYBLOB="7472616e733d2b9bc55f66646e6f3d", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',access=any,version=9p2000,uname=,dfltgid=', @ANYRESHEX=r2, @ANYBLOB=',fscache,version=9p2000.L,dfltuid=', @ANYRESHEX=r3, @ANYBLOB=',seclabel,subj_type=GPL\x00,euid=', @ANYRESDEC=r4, @ANYBLOB=',mask=^MAY_READ,defcontext=staff_u,hash,smackfsroot=GPL\x00,\x00'])

18:24:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:30 executing program 4:
r0 = epoll_create(0x6)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r2, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r1, 0x5425, 0x800)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r3, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000240)="ac19a36836d6ffed4597fd415b1cd2e3b9cbea8faa769c88452f5df22fabb1bbab3f86a78bbf4413e72abaea83de14ff8dde2d0da9f29b0f8291ade40559c8ab7d0a3278c29c6590cb70e852105a7d68b592864cc5cca99ec3d0e1660d06d26197d1a130a3ed598f92ad369d195bd52c7ce5e5f80bf3d259f4605727899c1c7a5102bb2841b5f5fb760b2e7a25a872a0e1b4708ea1ee3c389625481a80b1de9d4a0e7df2db6f2ef96bc0b12830b33a855f2540ab33858f00c8229f57deecbd6ea6092d4801c02edaf3804b9b603d7358bba882c87923f5edfe42586ab95b55e19889b8bd87e47a6f019dee674b5b71007445324c8a7b8d99b50439a3073783e6")

18:24:30 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r2, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/5, 0x5}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)

18:24:30 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
bind$unix(r2, &(0x7f0000003000)=@abs={0x1}, 0x8)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)

[  217.010817][ T8532] syz-executor.1 (8532) used greatest stack depth: 22648 bytes left
18:24:30 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x37)
sendto$inet6(r2, 0x0, 0xffffffffffffff97, 0x20000003, &(0x7f0000000140)={0xa, 0x4e22, 0xfff}, 0x1c)
sched_getattr(0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x1da)
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000240))
set_thread_area(0x0)
openat$cgroup_procs(r2, &(0x7f0000000180)='cgroup.threads\x00', 0x2, 0x0)
close(r2)
r4 = accept4(r3, 0x0, &(0x7f0000000400), 0x80800)
recvmmsg(r2, &(0x7f0000008d80)=[{{&(0x7f0000004b80)=@nl, 0xfe64, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/212}], 0x0, &(0x7f0000006140)=""/105, 0x69}}], 0x8000000000003bf, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f00000000c0)="12ffd0a2c74eb2a4239037911fee9addebddb35db0f996eb3b80605a30ff503d06c5636fa7c0dbf2cc8f38e3e7f824c3d8816eae333796a2b8be41c48c16e09c368cdb81c7e39d5be60fff685a685fcd08796ac481a3e00d30482bb8")
fsetxattr$trusted_overlay_origin(r4, &(0x7f00000001c0)='trusted.overlay.origin\x00', &(0x7f0000000200)='y\x00', 0x2, 0x3)

[  217.062557][ T8588] misc userio: Invalid payload size
18:24:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/qat_adf_ctl\x00', 0x400000, 0x0)
ioctl$sock_SIOCADDDLCI(r2, 0x8980, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000f9ff00000280000085000000ffffffe495"], 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r1}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)='GPL\x00', 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000700)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="ba58d6fcaccb7ffce16e1bcfe23b", 0x0, 0x319}, 0x28)
r4 = syz_open_dev$cec(0x0, 0x1, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={<r5=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f00000002c0)={0x4, 0x8, 0xfa00, {r5, 0x4}}, 0x10)
ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, 0x0)

18:24:30 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)
recvmmsg(r2, &(0x7f0000006740)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)=""/5, 0x5}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x2}}], 0x1, 0x0, 0x0)

18:24:30 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x800)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)
openat$userio(0xffffffffffffff9c, &(0x7f0000000200)='/dev/userio\x00', 0x10100, 0x0)

18:24:30 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00', <r5=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote, <r8=>0x0}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r9=>r7})
getpeername(r2, &(0x7f000000e580)=@xdp={0x2c, 0x0, <r10=>0x0}, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={<r12=>0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback, <r15=>0x0}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00', <r16=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f000000f400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000010}, 0xc, &(0x7f000000f3c0)={&(0x7f000000ed80)=ANY=[@ANYBLOB="14060000", @ANYRES16=r3, @ANYBLOB="08002abd7000fedbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="0001020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008040000100240001006c625f686173685f737461747300000000000000000000000000000000000000170003000b0000000800040008000000080007000000000038000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400090000004c005f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r5, @ANYBLOB="e401020044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000140004000200000100800000a605e10805000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r6, @ANYBLOB="3800240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004007f0000003800010024000100616374697665706f727400000000000000000000080003000300000008000400", @ANYRES32=r7, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000180ffff08000600", @ANYRES32=r8, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000000000008000100", @ANYRES32=r10, @ANYBLOB="180202003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400c908000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040008000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r14, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000800000008000100", @ANYRES32=r15, @ANYBLOB="e40002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000300000038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000000008000300030000000800040000040000"], 0x614}, 0x1, 0x0, 0x0, 0x8000}, 0x4840)
r17 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r17, 0x0, 0x800000bf)

[  217.310321][ T8615] misc userio: Invalid payload size
18:24:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
sendmsg$nl_netfilter(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2001801}, 0x7, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x40007fe}, 0x80)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:30 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x800)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:30 executing program 5:
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x50, 0x0)
r0 = creat(&(0x7f00000001c0)='./file0/bus\x00', 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000027000)={0x1})
r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1, 0x0)
mkdirat(r1, &(0x7f0000000140)='./file0/bus\x00', 0x100)
getsockopt$IP_VS_SO_GET_TIMEOUT(r2, 0x0, 0x486, &(0x7f0000000040), &(0x7f0000000100)=0xc)
fchdir(r1)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00')
truncate(&(0x7f0000000180)='./bus\x00', 0x0)

18:24:30 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f000000ed40)={'nr0\x00'})
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  217.603240][ T8635] misc userio: Invalid payload size
18:24:31 executing program 5:
ioctl$KVM_GET_PIT2(0xffffffffffffffff, 0x8070ae9f, 0x0)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000680))
setxattr$trusted_overlay_upper(&(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x3f, 0xfffffffffffffffd)
clone(0x20002102, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000880)={<r2=>0x0, @in6={{0xa, 0x4e21, 0x81, @mcast1, 0x2}}}, &(0x7f0000000800)=0x84)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000940)={r2, 0x4419, 0x7}, 0x8)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
add_key$user(&(0x7f0000000640)='user\x00', 0x0, &(0x7f0000000940), 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000100), 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="480000000000000014010000010000000000000000000000", @ANYPTR=&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0503080000000000", @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYPTR=&(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB=',\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='C\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="c600000000000000", @ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000005000000000000"], @ANYBLOB="0f00000000000000", @ANYPTR=&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="ffff070000000000", @ANYPTR=&(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000000000000006a164000000000000000000000000000000000000000000000000"], @ANYBLOB='*\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB='M\x00\x00\x00\x00\x00\x00\x00', @ANYPTR=&(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="f400000000000000", @ANYPTR=&(0x7f0000000540)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="db00000000000000"], @ANYBLOB='\a\x00\x00\x00\x00\x00\x00\x00`\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48}, 0x0)

18:24:31 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x800)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/qat_adf_ctl\x00', 0x400000, 0x0)
ioctl$sock_SIOCADDDLCI(r2, 0x8980, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000f9ff00000280000085000000ffffffe495"], 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r1}, @call={0x85, 0x0, 0x0, 0x2c}], &(0x7f0000000140)='GPL\x00', 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000700)={r3, 0x0, 0xe, 0x0, &(0x7f0000000100)="ba58d6fcaccb7ffce16e1bcfe23b", 0x0, 0x319}, 0x28)
r4 = syz_open_dev$cec(0x0, 0x1, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200)={<r5=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f00000002c0)={0x4, 0x8, 0xfa00, {r5, 0x4}}, 0x10)
ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, 0x0)

18:24:31 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x800)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:31 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)

18:24:31 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:31 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:31 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
ioctl$TCSBRKP(r0, 0x5425, 0x800)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:31 executing program 1:
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$overlay(0x400000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000500)='overlay\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="75707065726469723d2e2f66696c65302c6c6f7765516469723d2e3a66696c65302c776f726b6469723d2e2f66696c65317672c3d0a343289244a888eb90d3ed9dd12244765bbbcb4401d0884d290d98ada58e65e62b"])
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000280)='./file0/file1/file0\x00')

18:24:31 executing program 5:
r0 = socket$inet6(0xa, 0x803, 0x7)
ioctl(r0, 0x1000008912, &(0x7f0000000140)="0a5c2d023c126285718070")
r1 = socket(0x100000010, 0x3, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x12000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='Q\b\x00\x00', @ANYRES16=r2, @ANYBLOB="080728bd7000fbdbdf2516000000780005001c00020008000400ff7fffff0800030009000000080003000000000008000100657468000c000200080001000e000000240002000800020001000100080003005f000000080003000000000408000200020000000400020008000100657468000c000200080004002000000008000100657468004c0009000800010001000000080002000200000008000200420b000008000200060000000800020002000000080002009a0c000008000200ca0900000800020001000100080002000200000050000200080002000900000008000200cf99047308000100ff030000080001000600000008000200010000000800020003000000080002000900000008000100f8b200000800020001000080040004003400090008000100800a0000080001008f0a0000080001000400000008000200ff0000000800010005000000080002001f000000e40004003c000700080001001c000000080003000900000008000400000000000800030002000000080001001e0000000800030005000000080001000b0000002c0007000800020000000000080003000500000008000200b00f0000080003000300000008000100040000001400010062726f6164636173742d6c696e6b0000440007000800040000000000080004000000010008000100b6050000080001000e00000008000200300a00000800010007000000080001000b00000008000200f10000001400010062726f6164636173742d6c696e6b00000c00010073797a3100000000"], 0x240}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dlm_plock\x00', 0x2140, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r3, 0x0, 0x82, &(0x7f00000004c0)={'fyl\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@'}, &(0x7f0000000440)=0x78)
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000580)=<r4=>0x0)
sendmsg$TIPC_NL_LINK_GET(r1, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000540)={&(0x7f00000005c0)={0x1b8, r2, 0x10, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x40, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x561a}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x200}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}]}, @TIPC_NLA_NODE={0x18, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xc357}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}]}, @TIPC_NLA_NET={0x60, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x628}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2b}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fffffff}]}, @TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8000000000000000}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_MON={0x44, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x38a}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x40ff99f8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x21b}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x200}]}, @TIPC_NLA_SOCK={0x30, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3ea}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x20, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x8, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000007c0)=r4)
ioctl$sock_ifreq(r1, 0x8994, &(0x7f0000000000)={'bond0\x00\x00\x00\x00\x06\x00\x00\x01\x00', @ifru_settings={0x707000, 0x0, @fr_pvc=0x0}})

18:24:31 executing program 4:
epoll_create(0x6)
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r0, r1, 0x4, 0x1}, 0x10)
r2 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:31 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x734, 0x80)
ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000240)=""/189)
close(0xffffffffffffffff)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000100)="0adc1f023c12")
semctl$GETNCNT(0x0, 0x1, 0xe, &(0x7f0000000180)=""/26)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0x0, 0x0)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x2, @vbi={0x0, 0x0, 0x34325258}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000340)={'vxcan1\x00', 0x80000000})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000640)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, 0x0)

18:24:31 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:31 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

[  218.329491][ T8687] misc userio: Invalid payload size
18:24:31 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:31 executing program 4:
epoll_create(0x6)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x4102)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

[  218.487282][ T8693] Unknown ioctl 35124
18:24:31 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:31 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

[  218.553032][ T8704] misc userio: Invalid payload size
[  218.563999][ T8708] Unknown ioctl 35124
18:24:31 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:31 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x734, 0x80)
ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000240)=""/189)
close(0xffffffffffffffff)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000100)="0adc1f023c12")
semctl$GETNCNT(0x0, 0x1, 0xe, &(0x7f0000000180)=""/26)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0x0, 0x0)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000080)={0x2, @vbi={0x0, 0x0, 0x34325258}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000340)={'vxcan1\x00', 0x80000000})
openat$fuse(0xffffffffffffff9c, &(0x7f0000000640)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, 0x0)

18:24:32 executing program 4:
epoll_create(0x6)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:32 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:32 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:32 executing program 4:
epoll_create(0x6)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

[  218.823164][ T8723] misc userio: Invalid payload size
[  218.830762][ T8724] Unknown ioctl 35124
18:24:32 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:32 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  218.974589][ T8734] misc userio: Invalid payload size
18:24:32 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:32 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:32 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:32 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:32 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:32 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

[  219.332131][ T8753] misc userio: Invalid payload size
18:24:32 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:32 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:32 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:32 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:32 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:32 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f000000eb40)={@multicast2, @loopback}, &(0x7f000000eb80)=0xc)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:32 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:32 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r2})
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r3, 0x0, 0x800000bf)

18:24:33 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:33 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:33 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:33 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:33 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:33 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:33 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:33 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:33 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:33 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:33 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:33 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:33 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:33 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 4:
openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:33 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:33 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:33 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:33 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:33 executing program 4:
openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:34 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:34 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 4:
openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321cf6a132f66672c6a80cc8719529833f7b441c56a705f2415664d934e447e01f06dc4aa3bcb90b48e16cd450eab7b945271ec22621763ca9cb08834f2ab593572cbbf51691ff61a20876", 0x93}], 0x1)

18:24:34 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:34 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:34 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, 0x0, 0x0)

18:24:34 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:34 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:34 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:34 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, 0x0, 0x0)

18:24:34 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, 0x0, 0x0)

18:24:34 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:34 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:34 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:34 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0), 0x0)

18:24:34 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:34 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:34 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:34 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r2})
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r3, 0x0, 0x800000bf)

18:24:34 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0), 0x0)

18:24:35 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0), 0x0)

18:24:35 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:35 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

18:24:35 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

18:24:35 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:35 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

18:24:35 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:35 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:35 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:35 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:35 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:36 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:36 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:36 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:36 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:36 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:36 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:36 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:36 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
socket$alg(0x26, 0x5, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:36 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:36 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:36 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:36 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:36 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a58c27330104a97bb17f328935b995e0a63bb3950eb3c6f1c25abcb409d2304ae497cde7414039964685f70cf1ec9bb906e0259122d3b840e2d9c115bc753fc9342917e27244c54a321c", 0x4a}], 0x1)

18:24:36 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

[  223.295268][ T9059] misc userio: Invalid payload size
18:24:36 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:36 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:36 executing program 0:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:36 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:36 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:36 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="a5", 0x1}], 0x1)

18:24:36 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

[  223.552964][ T9078] misc userio: Invalid payload size
18:24:36 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:36 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:36 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 0:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:37 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:37 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 0:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 2:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:37 executing program 4:
r0 = openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x1, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

18:24:37 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 2:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:37 executing program 0:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 4:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 2:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:37 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 3:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:37 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:37 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:37 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 3:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:38 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 3:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 0:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 0:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:38 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 0:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:38 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:38 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:38 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 5:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:38 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:38 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:38 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 3:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:38 executing program 5:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:39 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:39 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 5:
r0 = socket$unix(0x1, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:39 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:39 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:39 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:39 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:39 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:39 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:39 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:39 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:39 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:39 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 5:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:39 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:39 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c12")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c12")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 5:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:40 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c12")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 1:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 5:
socket$unix(0x1, 0x1, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(0xffffffffffffffff, r0, 0x0, 0x800000bf)

18:24:40 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:40 executing program 4:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$amidi(0x0, 0x0, 0x0)
r0 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x800000bf)

18:24:40 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 1:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:40 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, 0xffffffffffffffff, 0x0, 0x800000bf)

18:24:40 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:40 executing program 1:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:40 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:40 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b0")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b0")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 5:
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r0, r1, 0x0, 0x0)

18:24:41 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b0")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:41 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:41 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:41 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:42 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:42 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:42 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, 0x0)

18:24:42 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:42 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, 0x0)

18:24:42 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, 0x0)

18:24:43 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280))

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 0:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:43 executing program 2:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:43 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 0:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 2:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:44 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 0:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 2:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r2, 0x0, 0x800000bf)

18:24:44 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:44 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce"], 0x1a)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:45 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 4:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 4:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:46 executing program 4:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f91"], 0xe)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:46 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:46 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r2})
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r3, 0x0, 0x800000bf)

18:24:47 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:47 executing program 4:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 5:
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$amidi(0x0, 0x0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x400040000000001, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00')
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f000000a6c0)={{{@in6=@initdev, @in=@multicast1}}, {{@in6=@local}, 0x0, @in=@multicast2}}, &(0x7f000000a7c0)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f000000a800)={'caif0\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f000000dd40)={{{@in6=@local, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@ipv4={[], [], @empty}}}, &(0x7f000000de40)=0xe8)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000000c0)=0xffffffffffffff9f)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f000000e200)={@remote}, &(0x7f000000e240)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', r3})
getpeername(r2, &(0x7f000000e580)=@xdp, &(0x7f000000e600)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e640)={{{@in=@remote, @in6}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f000000e740)=0xe8)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f000000e780)={0x0, @empty, @multicast1}, &(0x7f000000e7c0)=0xc)
accept$packet(r0, &(0x7f000000e800)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f000000e840)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f000000e940)={{{@in=@loopback, @in=@multicast2}}, {{@in6=@ipv4}, 0x0, @in=@dev}}, &(0x7f000000ea40)=0xe8)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/ipv6_route\x00')
sendfile(r1, r4, 0x0, 0x800000bf)

18:24:47 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7fffffff, 0x5ab2, 0x4}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, 0x0, &(0x7f0000000340))
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r3, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:47 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 5:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
close(r0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)

18:24:48 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce"], 0x1a)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)

18:24:48 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:48 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000040)={0x0, "767d7eff364f5716af39da39ca313677b0bd82abbfb728af92bee0c0a26deb37", 0x2, 0x1})
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:49 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)

18:24:49 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:49 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f91"], 0xe)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:49 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:49 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r2 = accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r5 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r5, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r4, 0x40045201, &(0x7f0000000280)=0x1f)
write$binfmt_script(r2, &(0x7f0000000600)=ANY=[], 0xfec8)

18:24:50 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:50 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:50 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:50 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:50 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:51 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 2:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)

18:24:51 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 2:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce"], 0x1a)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:51 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 2:
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(0xffffffffffffffff, r0, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000540)=""/236)
r1 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x80000000005, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, 0x0)
ioctl$FS_IOC_FSGETXATTR(r1, 0x4004550d, &(0x7f00000001c0))
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)

18:24:52 executing program 2:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:52 executing program 3 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.384392][T10302] FAULT_INJECTION: forcing a failure.
[  239.384392][T10302] name failslab, interval 1, probability 0, space 0, times 1
[  239.423093][T10302] CPU: 1 PID: 10302 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.431821][T10302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  239.442060][T10302] Call Trace:
[  239.445539][T10302]  dump_stack+0x172/0x1f0
[  239.450482][T10302]  should_fail.cold+0xa/0x15
[  239.455229][T10302]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  239.461208][T10302]  ? ___might_sleep+0x163/0x280
[  239.466145][T10302]  __should_failslab+0x121/0x190
[  239.471194][T10302]  should_failslab+0x9/0x14
[  239.476453][T10302]  kmem_cache_alloc_trace+0x2d1/0x760
18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.481841][T10302]  ? kasan_check_read+0x11/0x20
[  239.486790][T10302]  alloc_pipe_info+0xb9/0x430
[  239.491546][T10302]  splice_direct_to_actor+0x775/0x970
[  239.496978][T10302]  ? common_file_perm+0x238/0x720
[  239.502037][T10302]  ? generic_pipe_buf_nosteal+0x10/0x10
[  239.507656][T10302]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  239.513915][T10302]  ? do_splice_to+0x190/0x190
[  239.519226][T10302]  ? rw_verify_area+0x118/0x360
[  239.524102][T10302]  do_splice_direct+0x1da/0x2a0
[  239.529077][T10302]  ? splice_direct_to_actor+0x970/0x970
18:24:52 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.534650][T10302]  ? rw_verify_area+0x118/0x360
[  239.539518][T10302]  do_sendfile+0x597/0xd00
[  239.543959][T10302]  ? do_compat_pwritev64+0x1c0/0x1c0
[  239.549260][T10302]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  239.555571][T10302]  ? _copy_from_user+0xdd/0x150
[  239.560434][T10302]  __x64_sys_sendfile64+0x15a/0x220
[  239.565636][T10302]  ? __ia32_sys_sendfile+0x230/0x230
[  239.571001][T10302]  ? do_syscall_64+0x26/0x610
[  239.571074][T10302]  ? lockdep_hardirqs_on+0x418/0x5d0
[  239.581323][T10302]  ? trace_hardirqs_on+0x67/0x230
[  239.586367][T10302]  do_syscall_64+0x103/0x610
[  239.590996][T10302]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  239.596912][T10302] RIP: 0033:0x457f29
[  239.600822][T10302] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  239.620429][T10302] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:24:52 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:52 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.628957][T10302] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  239.637200][T10302] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  239.645178][T10302] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  239.653151][T10302] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  239.653161][T10302] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:53 executing program 3 (fault-call:5 fault-nth:1):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  239.862219][T10332] FAULT_INJECTION: forcing a failure.
[  239.862219][T10332] name failslab, interval 1, probability 0, space 0, times 0
[  239.875261][T10332] CPU: 0 PID: 10332 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  239.884201][T10332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  239.894244][T10332] Call Trace:
[  239.897532][T10332]  dump_stack+0x172/0x1f0
[  239.901863][T10332]  should_fail.cold+0xa/0x15
[  239.906437][T10332]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  239.912237][T10332]  ? ___might_sleep+0x163/0x280
[  239.917085][T10332]  __should_failslab+0x121/0x190
[  239.922062][T10332]  should_failslab+0x9/0x14
[  239.926552][T10332]  __kmalloc+0x2dc/0x740
[  239.930897][T10332]  ? kmem_cache_alloc_trace+0x354/0x760
[  239.936425][T10332]  ? kasan_check_read+0x11/0x20
[  239.941263][T10332]  ? alloc_pipe_info+0x199/0x430
[  239.946195][T10332]  alloc_pipe_info+0x199/0x430
[  239.950945][T10332]  splice_direct_to_actor+0x775/0x970
[  239.956305][T10332]  ? common_file_perm+0x238/0x720
[  239.961311][T10332]  ? generic_pipe_buf_nosteal+0x10/0x10
[  239.966838][T10332]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  239.973062][T10332]  ? do_splice_to+0x190/0x190
[  239.977741][T10332]  ? rw_verify_area+0x118/0x360
[  239.982615][T10332]  do_splice_direct+0x1da/0x2a0
[  239.987453][T10332]  ? splice_direct_to_actor+0x970/0x970
[  239.993004][T10332]  ? rw_verify_area+0x118/0x360
[  239.997849][T10332]  do_sendfile+0x597/0xd00
[  240.002254][T10332]  ? do_compat_pwritev64+0x1c0/0x1c0
[  240.007542][T10332]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  240.013761][T10332]  ? _copy_from_user+0xdd/0x150
[  240.018596][T10332]  __x64_sys_sendfile64+0x15a/0x220
[  240.023778][T10332]  ? __ia32_sys_sendfile+0x230/0x230
[  240.029054][T10332]  ? do_syscall_64+0x26/0x610
[  240.033733][T10332]  ? lockdep_hardirqs_on+0x418/0x5d0
[  240.039017][T10332]  ? trace_hardirqs_on+0x67/0x230
[  240.044064][T10332]  do_syscall_64+0x103/0x610
[  240.048641][T10332]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  240.054515][T10332] RIP: 0033:0x457f29
[  240.058417][T10332] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  240.078016][T10332] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  240.086421][T10332] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  240.094383][T10332] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  240.102361][T10332] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  240.110321][T10332] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  240.118314][T10332] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:53 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r3 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r3, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)

18:24:53 executing program 2:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:53 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f91"], 0xe)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:53 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:53 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:53 executing program 3 (fault-call:5 fault-nth:2):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:53 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:53 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  240.287093][T10350] FAULT_INJECTION: forcing a failure.
[  240.287093][T10350] name failslab, interval 1, probability 0, space 0, times 0
[  240.307851][T10350] CPU: 1 PID: 10350 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  240.316562][T10350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  240.316576][T10350] Call Trace:
18:24:53 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  240.334236][T10350]  dump_stack+0x172/0x1f0
[  240.338602][T10350]  should_fail.cold+0xa/0x15
[  240.343229][T10350]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  240.349074][T10350]  ? ___might_sleep+0x163/0x280
[  240.354462][T10350]  __should_failslab+0x121/0x190
[  240.359503][T10350]  should_failslab+0x9/0x14
[  240.364041][T10350]  kmem_cache_alloc_node+0x264/0x710
[  240.369440][T10350]  __alloc_skb+0xd5/0x5e0
[  240.373796][T10350]  ? skb_trim+0x190/0x190
[  240.378211][T10350]  ? find_get_entry+0x535/0x880
[  240.378272][T10350]  vhci_write+0xc4/0x470
[  240.387326][T10350]  new_sync_write+0x4c7/0x760
[  240.392463][T10350]  ? default_llseek+0x2e0/0x2e0
[  240.392552][T10350]  ? copy_page_to_iter+0x4e7/0xd60
[  240.392574][T10350]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  240.402523][T10350]  ? put_page+0xce/0x130
[  240.402552][T10350]  __vfs_write+0xe4/0x110
[  240.402572][T10350]  __kernel_write+0x110/0x3b0
[  240.402592][T10350]  write_pipe_buf+0x15d/0x1f0
[  240.402607][T10350]  ? aa_file_perm+0x432/0xeb0
[  240.402619][T10350]  ? do_splice_direct+0x2a0/0x2a0
[  240.402635][T10350]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  240.402648][T10350]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  240.402661][T10350]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  240.402681][T10350]  __splice_from_pipe+0x395/0x7d0
[  240.417498][T10350]  ? do_splice_direct+0x2a0/0x2a0
[  240.417522][T10350]  ? do_splice_direct+0x2a0/0x2a0
[  240.417538][T10350]  splice_from_pipe+0x108/0x170
[  240.417555][T10350]  ? splice_shrink_spd+0xd0/0xd0
[  240.417582][T10350]  default_file_splice_write+0x3c/0x90
18:24:53 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  240.436619][T10350]  ? generic_splice_sendpage+0x50/0x50
[  240.436637][T10350]  direct_splice_actor+0x126/0x1a0
[  240.436656][T10350]  splice_direct_to_actor+0x369/0x970
[  240.436674][T10350]  ? generic_pipe_buf_nosteal+0x10/0x10
[  240.436694][T10350]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  240.436708][T10350]  ? do_splice_to+0x190/0x190
[  240.436729][T10350]  ? rw_verify_area+0x118/0x360
[  240.514261][T10350]  do_splice_direct+0x1da/0x2a0
[  240.528627][T10350]  ? splice_direct_to_actor+0x970/0x970
18:24:53 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce"], 0x1a)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  240.528653][T10350]  ? rw_verify_area+0x118/0x360
[  240.539054][T10350]  do_sendfile+0x597/0xd00
[  240.543504][T10350]  ? do_compat_pwritev64+0x1c0/0x1c0
[  240.548813][T10350]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  240.555507][T10350]  ? _copy_from_user+0xdd/0x150
[  240.560373][T10350]  __x64_sys_sendfile64+0x15a/0x220
[  240.565581][T10350]  ? __ia32_sys_sendfile+0x230/0x230
[  240.570878][T10350]  ? do_syscall_64+0x26/0x610
[  240.575574][T10350]  ? lockdep_hardirqs_on+0x418/0x5d0
[  240.580886][T10350]  ? trace_hardirqs_on+0x67/0x230
[  240.585928][T10350]  do_syscall_64+0x103/0x610
[  240.590545][T10350]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  240.596445][T10350] RIP: 0033:0x457f29
[  240.600350][T10350] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  240.619958][T10350] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  240.619973][T10350] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
18:24:53 executing program 3 (fault-call:5 fault-nth:3):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  240.619981][T10350] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  240.619990][T10350] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  240.619998][T10350] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  240.620007][T10350] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  240.775473][T10373] FAULT_INJECTION: forcing a failure.
[  240.775473][T10373] name failslab, interval 1, probability 0, space 0, times 0
[  240.821384][T10373] CPU: 0 PID: 10373 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  240.830113][T10373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  240.840173][T10373] Call Trace:
[  240.843463][T10373]  dump_stack+0x172/0x1f0
[  240.847890][T10373]  should_fail.cold+0xa/0x15
[  240.852485][T10373]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  240.858369][T10373]  ? ___might_sleep+0x163/0x280
[  240.863467][T10373]  __should_failslab+0x121/0x190
[  240.868391][T10373]  should_failslab+0x9/0x14
[  240.872897][T10373]  kmem_cache_alloc_node_trace+0x270/0x720
[  240.878788][T10373]  __kmalloc_node_track_caller+0x3d/0x70
[  240.884423][T10373]  __kmalloc_reserve.isra.0+0x40/0xf0
[  240.889787][T10373]  __alloc_skb+0x10b/0x5e0
[  240.894214][T10373]  ? skb_trim+0x190/0x190
[  240.898540][T10373]  ? find_get_entry+0x535/0x880
[  240.903394][T10373]  vhci_write+0xc4/0x470
[  240.907624][T10373]  new_sync_write+0x4c7/0x760
[  240.912334][T10373]  ? default_llseek+0x2e0/0x2e0
[  240.917201][T10373]  ? copy_page_to_iter+0x4e7/0xd60
[  240.922318][T10373]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  240.928544][T10373]  ? put_page+0xce/0x130
[  240.932780][T10373]  __vfs_write+0xe4/0x110
[  240.937098][T10373]  __kernel_write+0x110/0x3b0
[  240.941777][T10373]  write_pipe_buf+0x15d/0x1f0
[  240.946448][T10373]  ? aa_file_perm+0x432/0xeb0
[  240.951126][T10373]  ? do_splice_direct+0x2a0/0x2a0
[  240.956314][T10373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  240.962565][T10373]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  240.968655][T10373]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  240.974901][T10373]  __splice_from_pipe+0x395/0x7d0
[  240.979917][T10373]  ? do_splice_direct+0x2a0/0x2a0
[  240.984943][T10373]  ? do_splice_direct+0x2a0/0x2a0
[  240.989951][T10373]  splice_from_pipe+0x108/0x170
[  240.994788][T10373]  ? splice_shrink_spd+0xd0/0xd0
[  240.999756][T10373]  default_file_splice_write+0x3c/0x90
[  241.005218][T10373]  ? generic_splice_sendpage+0x50/0x50
[  241.010660][T10373]  direct_splice_actor+0x126/0x1a0
[  241.015778][T10373]  splice_direct_to_actor+0x369/0x970
[  241.021142][T10373]  ? generic_pipe_buf_nosteal+0x10/0x10
[  241.026695][T10373]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  241.032923][T10373]  ? do_splice_to+0x190/0x190
[  241.037614][T10373]  ? rw_verify_area+0x118/0x360
[  241.042449][T10373]  do_splice_direct+0x1da/0x2a0
[  241.047312][T10373]  ? splice_direct_to_actor+0x970/0x970
[  241.052874][T10373]  ? rw_verify_area+0x118/0x360
[  241.057802][T10373]  do_sendfile+0x597/0xd00
[  241.062210][T10373]  ? do_compat_pwritev64+0x1c0/0x1c0
[  241.067494][T10373]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  241.073731][T10373]  ? _copy_from_user+0xdd/0x150
[  241.078601][T10373]  __x64_sys_sendfile64+0x15a/0x220
[  241.083822][T10373]  ? __ia32_sys_sendfile+0x230/0x230
[  241.089092][T10373]  ? do_syscall_64+0x26/0x610
[  241.093755][T10373]  ? lockdep_hardirqs_on+0x418/0x5d0
[  241.099046][T10373]  ? trace_hardirqs_on+0x67/0x230
[  241.104057][T10373]  do_syscall_64+0x103/0x610
[  241.108642][T10373]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  241.114540][T10373] RIP: 0033:0x457f29
[  241.118416][T10373] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  241.138002][T10373] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  241.146420][T10373] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  241.154383][T10373] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  241.162364][T10373] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:24:54 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:54 executing program 2:
r0 = socket$inet6(0xa, 0x0, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:54 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:54 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:54 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  241.170318][T10373] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  241.178296][T10373] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:54 executing program 3 (fault-call:5 fault-nth:4):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:54 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:54 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:54 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:54 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  241.362639][T10394] FAULT_INJECTION: forcing a failure.
[  241.362639][T10394] name failslab, interval 1, probability 0, space 0, times 0
[  241.450303][T10394] CPU: 1 PID: 10394 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  241.459628][T10394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  241.470418][T10394] Call Trace:
[  241.474429][T10394]  dump_stack+0x172/0x1f0
[  241.479130][T10394]  should_fail.cold+0xa/0x15
[  241.483837][T10394]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  241.489752][T10394]  ? ___might_sleep+0x163/0x280
[  241.494615][T10394]  __should_failslab+0x121/0x190
[  241.499566][T10394]  should_failslab+0x9/0x14
[  241.504091][T10394]  kmem_cache_alloc_node+0x264/0x710
[  241.509394][T10394]  __alloc_skb+0xd5/0x5e0
[  241.509446][T10394]  ? skb_trim+0x190/0x190
[  241.509461][T10394]  ? vhci_write+0x2b3/0x470
[  241.509543][T10394]  ? rcu_read_lock_sched_held+0x110/0x130
[  241.509564][T10394]  ? kmem_cache_free+0x225/0x260
[  241.522705][T10394]  __vhci_create_device+0x88/0x5a0
[  241.522723][T10394]  vhci_write+0x2d0/0x470
[  241.522743][T10394]  new_sync_write+0x4c7/0x760
[  241.522761][T10394]  ? default_llseek+0x2e0/0x2e0
[  241.522777][T10394]  ? copy_page_to_iter+0x4e7/0xd60
[  241.522803][T10394]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  241.522817][T10394]  ? put_page+0xce/0x130
[  241.522839][T10394]  __vfs_write+0xe4/0x110
[  241.522855][T10394]  __kernel_write+0x110/0x3b0
[  241.522874][T10394]  write_pipe_buf+0x15d/0x1f0
[  241.522890][T10394]  ? aa_file_perm+0x432/0xeb0
[  241.522909][T10394]  ? do_splice_direct+0x2a0/0x2a0
[  241.578455][T10394]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
18:24:54 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  241.578473][T10394]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  241.578489][T10394]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  241.578508][T10394]  __splice_from_pipe+0x395/0x7d0
[  241.578524][T10394]  ? do_splice_direct+0x2a0/0x2a0
[  241.578546][T10394]  ? do_splice_direct+0x2a0/0x2a0
[  241.587908][T10394]  splice_from_pipe+0x108/0x170
[  241.587928][T10394]  ? splice_shrink_spd+0xd0/0xd0
[  241.587960][T10394]  default_file_splice_write+0x3c/0x90
[  241.587974][T10394]  ? generic_splice_sendpage+0x50/0x50
18:24:54 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  241.587998][T10394]  direct_splice_actor+0x126/0x1a0
[  241.653878][T10394]  splice_direct_to_actor+0x369/0x970
[  241.659273][T10394]  ? generic_pipe_buf_nosteal+0x10/0x10
[  241.664942][T10394]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  241.671225][T10394]  ? do_splice_to+0x190/0x190
[  241.675923][T10394]  ? rw_verify_area+0x118/0x360
[  241.680799][T10394]  do_splice_direct+0x1da/0x2a0
[  241.685662][T10394]  ? splice_direct_to_actor+0x970/0x970
[  241.691229][T10394]  ? rw_verify_area+0x118/0x360
[  241.696094][T10394]  do_sendfile+0x597/0xd00
[  241.700559][T10394]  ? do_compat_pwritev64+0x1c0/0x1c0
[  241.706065][T10394]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  241.712765][T10394]  ? _copy_from_user+0xdd/0x150
[  241.717634][T10394]  __x64_sys_sendfile64+0x15a/0x220
[  241.722838][T10394]  ? __ia32_sys_sendfile+0x230/0x230
[  241.728241][T10394]  ? do_syscall_64+0x26/0x610
[  241.732956][T10394]  ? lockdep_hardirqs_on+0x418/0x5d0
[  241.738248][T10394]  ? trace_hardirqs_on+0x67/0x230
[  241.743289][T10394]  do_syscall_64+0x103/0x610
[  241.747890][T10394]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  241.753799][T10394] RIP: 0033:0x457f29
[  241.757822][T10394] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  241.777513][T10394] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  241.785935][T10394] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  241.793919][T10394] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  241.801904][T10394] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  241.809888][T10394] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  241.818348][T10394] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:55 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:55 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 3 (fault-call:5 fault-nth:5):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f91"], 0xe)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:55 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  242.131676][T10433] FAULT_INJECTION: forcing a failure.
[  242.131676][T10433] name failslab, interval 1, probability 0, space 0, times 0
[  242.144691][T10433] CPU: 0 PID: 10433 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  242.144710][T10433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  242.163632][T10433] Call Trace:
[  242.166939][T10433]  dump_stack+0x172/0x1f0
[  242.171291][T10433]  should_fail.cold+0xa/0x15
[  242.175893][T10433]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  242.181711][T10433]  ? ___might_sleep+0x163/0x280
[  242.186697][T10433]  __should_failslab+0x121/0x190
[  242.191643][T10433]  should_failslab+0x9/0x14
[  242.196158][T10433]  kmem_cache_alloc_node_trace+0x270/0x720
[  242.201978][T10433]  __kmalloc_node_track_caller+0x3d/0x70
[  242.202000][T10433]  __kmalloc_reserve.isra.0+0x40/0xf0
[  242.202018][T10433]  __alloc_skb+0x10b/0x5e0
[  242.202051][T10433]  ? skb_trim+0x190/0x190
[  242.213046][T10433]  ? vhci_write+0x2b3/0x470
[  242.213065][T10433]  ? rcu_read_lock_sched_held+0x110/0x130
[  242.213082][T10433]  ? kmem_cache_free+0x225/0x260
[  242.213103][T10433]  __vhci_create_device+0x88/0x5a0
[  242.213122][T10433]  vhci_write+0x2d0/0x470
[  242.221871][T10433]  new_sync_write+0x4c7/0x760
[  242.221891][T10433]  ? default_llseek+0x2e0/0x2e0
[  242.221909][T10433]  ? copy_page_to_iter+0x4e7/0xd60
[  242.221930][T10433]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  242.221951][T10433]  ? put_page+0xce/0x130
[  242.232164][T10433]  __vfs_write+0xe4/0x110
[  242.232185][T10433]  __kernel_write+0x110/0x3b0
[  242.232206][T10433]  write_pipe_buf+0x15d/0x1f0
[  242.232221][T10433]  ? aa_file_perm+0x432/0xeb0
[  242.232234][T10433]  ? do_splice_direct+0x2a0/0x2a0
[  242.232252][T10433]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  242.232272][T10433]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  242.232292][T10433]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  242.232308][T10433]  __splice_from_pipe+0x395/0x7d0
[  242.242499][T10433]  ? do_splice_direct+0x2a0/0x2a0
[  242.242520][T10433]  ? do_splice_direct+0x2a0/0x2a0
18:24:55 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:55 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  242.242535][T10433]  splice_from_pipe+0x108/0x170
[  242.242553][T10433]  ? splice_shrink_spd+0xd0/0xd0
[  242.242582][T10433]  default_file_splice_write+0x3c/0x90
[  242.242594][T10433]  ? generic_splice_sendpage+0x50/0x50
[  242.242616][T10433]  direct_splice_actor+0x126/0x1a0
[  242.252071][T10433]  splice_direct_to_actor+0x369/0x970
[  242.252090][T10433]  ? generic_pipe_buf_nosteal+0x10/0x10
[  242.252111][T10433]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  242.252126][T10433]  ? do_splice_to+0x190/0x190
[  242.252145][T10433]  ? rw_verify_area+0x118/0x360
[  242.252161][T10433]  do_splice_direct+0x1da/0x2a0
[  242.252180][T10433]  ? splice_direct_to_actor+0x970/0x970
[  242.273368][T10433]  ? rw_verify_area+0x118/0x360
[  242.282471][T10433]  do_sendfile+0x597/0xd00
[  242.282495][T10433]  ? do_compat_pwritev64+0x1c0/0x1c0
[  242.282516][T10433]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  242.282536][T10433]  ? _copy_from_user+0xdd/0x150
[  242.296881][T10433]  __x64_sys_sendfile64+0x15a/0x220
[  242.309165][T10433]  ? __ia32_sys_sendfile+0x230/0x230
[  242.309182][T10433]  ? do_syscall_64+0x26/0x610
[  242.309198][T10433]  ? lockdep_hardirqs_on+0x418/0x5d0
[  242.309214][T10433]  ? trace_hardirqs_on+0x67/0x230
[  242.309234][T10433]  do_syscall_64+0x103/0x610
[  242.321083][T10433]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  242.321097][T10433] RIP: 0033:0x457f29
18:24:55 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(0xffffffffffffffff)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  242.321113][T10433] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  242.321121][T10433] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  242.321134][T10433] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  242.321142][T10433] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  242.321157][T10433] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  242.331271][T10433] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  242.331279][T10433] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:55 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:55 executing program 3 (fault-call:5 fault-nth:6):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  242.726149][T10453] FAULT_INJECTION: forcing a failure.
[  242.726149][T10453] name failslab, interval 1, probability 0, space 0, times 0
[  242.789437][T10453] CPU: 0 PID: 10453 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  242.798183][T10453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  242.808374][T10453] Call Trace:
[  242.811688][T10453]  dump_stack+0x172/0x1f0
[  242.816037][T10453]  should_fail.cold+0xa/0x15
[  242.820657][T10453]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  242.826496][T10453]  ? ___might_sleep+0x163/0x280
[  242.831454][T10453]  __should_failslab+0x121/0x190
[  242.836413][T10453]  should_failslab+0x9/0x14
[  242.840952][T10453]  kmem_cache_alloc_trace+0x2d1/0x760
[  242.840971][T10453]  ? skb_trim+0x190/0x190
[  242.840993][T10453]  ? vhci_write+0x2b3/0x470
[  242.850696][T10453]  ? rcu_read_lock_sched_held+0x110/0x130
[  242.850806][T10453]  hci_alloc_dev+0x43/0x1d00
[  242.850828][T10453]  __vhci_create_device+0x101/0x5a0
[  242.870833][T10453]  vhci_write+0x2d0/0x470
[  242.875186][T10453]  new_sync_write+0x4c7/0x760
[  242.879889][T10453]  ? default_llseek+0x2e0/0x2e0
[  242.884769][T10453]  ? copy_page_to_iter+0x4e7/0xd60
[  242.889946][T10453]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  242.896230][T10453]  ? put_page+0xce/0x130
[  242.900501][T10453]  __vfs_write+0xe4/0x110
[  242.904861][T10453]  __kernel_write+0x110/0x3b0
[  242.904876][T10453]  write_pipe_buf+0x15d/0x1f0
[  242.904886][T10453]  ? aa_file_perm+0x432/0xeb0
[  242.904894][T10453]  ? do_splice_direct+0x2a0/0x2a0
[  242.904904][T10453]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  242.904912][T10453]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  242.904920][T10453]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  242.904930][T10453]  __splice_from_pipe+0x395/0x7d0
[  242.904938][T10453]  ? do_splice_direct+0x2a0/0x2a0
[  242.904952][T10453]  ? do_splice_direct+0x2a0/0x2a0
[  242.904962][T10453]  splice_from_pipe+0x108/0x170
[  242.904977][T10453]  ? splice_shrink_spd+0xd0/0xd0
[  242.904993][T10453]  default_file_splice_write+0x3c/0x90
[  242.905003][T10453]  ? generic_splice_sendpage+0x50/0x50
[  242.905014][T10453]  direct_splice_actor+0x126/0x1a0
[  242.905037][T10453]  splice_direct_to_actor+0x369/0x970
[  242.905060][T10453]  ? generic_pipe_buf_nosteal+0x10/0x10
[  242.919068][T10453]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  242.919086][T10453]  ? do_splice_to+0x190/0x190
[  242.919106][T10453]  ? rw_verify_area+0x118/0x360
[  242.919122][T10453]  do_splice_direct+0x1da/0x2a0
[  242.919143][T10453]  ? splice_direct_to_actor+0x970/0x970
[  242.929099][T10467] FAULT_INJECTION: forcing a failure.
[  242.929099][T10467] name failslab, interval 1, probability 0, space 0, times 0
[  242.931166][T10453]  ? rw_verify_area+0x118/0x360
[  242.931187][T10453]  do_sendfile+0x597/0xd00
[  242.931224][T10453]  ? do_compat_pwritev64+0x1c0/0x1c0
[  243.050462][T10453]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  243.056737][T10453]  ? _copy_from_user+0xdd/0x150
[  243.061621][T10453]  __x64_sys_sendfile64+0x15a/0x220
[  243.066835][T10453]  ? __ia32_sys_sendfile+0x230/0x230
[  243.072164][T10453]  ? do_syscall_64+0x26/0x610
[  243.076905][T10453]  ? lockdep_hardirqs_on+0x418/0x5d0
[  243.082208][T10453]  ? trace_hardirqs_on+0x67/0x230
[  243.087347][T10453]  do_syscall_64+0x103/0x610
[  243.091953][T10453]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  243.097850][T10453] RIP: 0033:0x457f29
[  243.101925][T10453] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  243.121849][T10453] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  243.130264][T10453] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
18:24:56 executing program 1 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

[  243.138249][T10453] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  243.146406][T10453] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  243.154388][T10453] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  243.162551][T10453] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  243.171107][T10467] CPU: 1 PID: 10467 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  243.180332][T10467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  243.191875][T10467] Call Trace:
[  243.191907][T10467]  dump_stack+0x172/0x1f0
[  243.191926][T10467]  should_fail.cold+0xa/0x15
[  243.191941][T10467]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  243.191959][T10467]  ? ___might_sleep+0x163/0x280
[  243.191977][T10467]  __should_failslab+0x121/0x190
[  243.191992][T10467]  should_failslab+0x9/0x14
[  243.192006][T10467]  kmem_cache_alloc_trace+0x2d1/0x760
[  243.192032][T10467]  ? kasan_check_read+0x11/0x20
[  243.192056][T10467]  alloc_pipe_info+0xb9/0x430
[  243.192075][T10467]  splice_direct_to_actor+0x775/0x970
[  243.192089][T10467]  ? common_file_perm+0x238/0x720
[  243.192104][T10467]  ? generic_pipe_buf_nosteal+0x10/0x10
[  243.192123][T10467]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  243.192135][T10467]  ? do_splice_to+0x190/0x190
[  243.192153][T10467]  ? rw_verify_area+0x118/0x360
[  243.192170][T10467]  do_splice_direct+0x1da/0x2a0
[  243.192194][T10467]  ? splice_direct_to_actor+0x970/0x970
[  243.204466][T10467]  ? rw_verify_area+0x118/0x360
[  243.204486][T10467]  do_sendfile+0x597/0xd00
[  243.204510][T10467]  ? do_compat_pwritev64+0x1c0/0x1c0
[  243.225169][T10467]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  243.235548][T10467]  ? _copy_from_user+0xdd/0x150
[  243.245643][T10467]  __x64_sys_sendfile64+0x15a/0x220
[  243.256249][T10467]  ? __ia32_sys_sendfile+0x230/0x230
[  243.300658][T10467]  ? do_syscall_64+0x26/0x610
[  243.311757][T10467]  ? lockdep_hardirqs_on+0x418/0x5d0
[  243.311774][T10467]  ? trace_hardirqs_on+0x67/0x230
[  243.311799][T10467]  do_syscall_64+0x103/0x610
[  243.311819][T10467]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  243.311830][T10467] RIP: 0033:0x457f29
[  243.311845][T10467] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  243.311853][T10467] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  243.311875][T10467] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
18:24:56 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 3 (fault-call:5 fault-nth:7):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, 0x0, 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 1 (fault-call:5 fault-nth:1):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  243.338106][T10467] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  243.338117][T10467] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  243.338124][T10467] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  243.338131][T10467] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:56 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  243.465251][T10480] FAULT_INJECTION: forcing a failure.
[  243.465251][T10480] name failslab, interval 1, probability 0, space 0, times 0
[  243.491692][T10483] FAULT_INJECTION: forcing a failure.
[  243.491692][T10483] name failslab, interval 1, probability 0, space 0, times 0
18:24:56 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:56 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:56 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

[  243.534575][T10483] CPU: 0 PID: 10483 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  243.543319][T10483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  243.553399][T10483] Call Trace:
[  243.556712][T10483]  dump_stack+0x172/0x1f0
[  243.561079][T10483]  should_fail.cold+0xa/0x15
[  243.565699][T10483]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  243.571535][T10483]  ? ___might_sleep+0x163/0x280
[  243.576509][T10483]  __should_failslab+0x121/0x190
[  243.581470][T10483]  should_failslab+0x9/0x14
[  243.585990][T10483]  __kmalloc+0x2dc/0x740
[  243.590255][T10483]  ? kmem_cache_alloc_trace+0x354/0x760
[  243.595817][T10483]  ? kasan_check_read+0x11/0x20
[  243.600722][T10483]  ? alloc_pipe_info+0x199/0x430
[  243.605764][T10483]  alloc_pipe_info+0x199/0x430
[  243.610652][T10483]  splice_direct_to_actor+0x775/0x970
[  243.616046][T10483]  ? common_file_perm+0x238/0x720
[  243.621082][T10483]  ? generic_pipe_buf_nosteal+0x10/0x10
[  243.626645][T10483]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
18:24:56 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  243.632904][T10483]  ? do_splice_to+0x190/0x190
[  243.637657][T10483]  ? rw_verify_area+0x118/0x360
[  243.642542][T10483]  do_splice_direct+0x1da/0x2a0
[  243.647410][T10483]  ? splice_direct_to_actor+0x970/0x970
[  243.652980][T10483]  ? rw_verify_area+0x118/0x360
[  243.657943][T10483]  do_sendfile+0x597/0xd00
[  243.662381][T10483]  ? do_compat_pwritev64+0x1c0/0x1c0
[  243.667687][T10483]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  243.673944][T10483]  ? _copy_from_user+0xdd/0x150
[  243.678822][T10483]  __x64_sys_sendfile64+0x15a/0x220
18:24:57 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  243.684049][T10483]  ? __ia32_sys_sendfile+0x230/0x230
[  243.689358][T10483]  ? do_syscall_64+0x26/0x610
[  243.694158][T10483]  ? lockdep_hardirqs_on+0x418/0x5d0
[  243.699464][T10483]  ? trace_hardirqs_on+0x67/0x230
[  243.704504][T10483]  do_syscall_64+0x103/0x610
[  243.709140][T10483]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  243.715045][T10483] RIP: 0033:0x457f29
18:24:57 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  243.718973][T10483] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  243.738898][T10483] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  243.747357][T10483] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
[  243.755531][T10483] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  243.763645][T10483] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  243.771654][T10483] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  243.779642][T10483] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  243.811970][T10480] CPU: 1 PID: 10480 Comm: syz-executor.3 Not tainted 5.0.0-next-20190306 #4
[  243.821129][T10480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  243.831662][T10480] Call Trace:
[  243.834976][T10480]  dump_stack+0x172/0x1f0
[  243.839417][T10480]  should_fail.cold+0xa/0x15
[  243.844286][T10480]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  243.850109][T10480]  ? ___might_sleep+0x163/0x280
[  243.855013][T10480]  __should_failslab+0x121/0x190
[  243.860518][T10480]  should_failslab+0x9/0x14
[  243.865047][T10480]  __kmalloc+0x2dc/0x740
[  243.869392][T10480]  ? alloc_workqueue+0x13c/0xe70
[  243.874346][T10480]  alloc_workqueue+0x13c/0xe70
[  243.879127][T10480]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  243.884861][T10480]  ? scnprintf+0x140/0x140
[  243.889297][T10480]  ? __init_waitqueue_head+0x36/0x90
[  243.894601][T10480]  hci_register_dev+0x1b8/0x860
[  243.899536][T10480]  ? hci_init_sysfs+0x7c/0xa0
[  243.904241][T10480]  __vhci_create_device+0x2d0/0x5a0
[  243.909459][T10480]  vhci_write+0x2d0/0x470
[  243.913815][T10480]  new_sync_write+0x4c7/0x760
[  243.918508][T10480]  ? default_llseek+0x2e0/0x2e0
[  243.923868][T10480]  ? copy_page_to_iter+0x4e7/0xd60
[  243.929090][T10480]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  243.929105][T10480]  ? put_page+0xce/0x130
[  243.929139][T10480]  __vfs_write+0xe4/0x110
[  243.940554][T10480]  __kernel_write+0x110/0x3b0
[  243.940573][T10480]  write_pipe_buf+0x15d/0x1f0
[  243.940587][T10480]  ? aa_file_perm+0x432/0xeb0
[  243.940600][T10480]  ? do_splice_direct+0x2a0/0x2a0
[  243.940616][T10480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  243.940629][T10480]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  243.940644][T10480]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  243.940662][T10480]  __splice_from_pipe+0x395/0x7d0
[  243.940676][T10480]  ? do_splice_direct+0x2a0/0x2a0
[  243.940694][T10480]  ? do_splice_direct+0x2a0/0x2a0
[  243.940706][T10480]  splice_from_pipe+0x108/0x170
[  243.940720][T10480]  ? splice_shrink_spd+0xd0/0xd0
18:24:57 executing program 1 (fault-call:5 fault-nth:2):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:57 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  243.940749][T10480]  default_file_splice_write+0x3c/0x90
[  243.940768][T10480]  ? generic_splice_sendpage+0x50/0x50
[  244.002701][T10480]  direct_splice_actor+0x126/0x1a0
[  244.002722][T10480]  splice_direct_to_actor+0x369/0x970
[  244.002744][T10480]  ? generic_pipe_buf_nosteal+0x10/0x10
[  244.013592][T10480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  244.013607][T10480]  ? do_splice_to+0x190/0x190
[  244.013628][T10480]  ? rw_verify_area+0x118/0x360
[  244.013643][T10480]  do_splice_direct+0x1da/0x2a0
[  244.013658][T10480]  ? splice_direct_to_actor+0x970/0x970
[  244.013680][T10480]  ? rw_verify_area+0x118/0x360
[  244.013697][T10480]  do_sendfile+0x597/0xd00
[  244.013721][T10480]  ? do_compat_pwritev64+0x1c0/0x1c0
[  244.013740][T10480]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  244.013754][T10480]  ? _copy_from_user+0xdd/0x150
[  244.013769][T10480]  __x64_sys_sendfile64+0x15a/0x220
[  244.013787][T10480]  ? __ia32_sys_sendfile+0x230/0x230
[  244.013802][T10480]  ? do_syscall_64+0x26/0x610
[  244.013816][T10480]  ? lockdep_hardirqs_on+0x418/0x5d0
[  244.013832][T10480]  ? trace_hardirqs_on+0x67/0x230
[  244.013850][T10480]  do_syscall_64+0x103/0x610
[  244.013869][T10480]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  244.013887][T10480] RIP: 0033:0x457f29
[  244.040186][T10511] FAULT_INJECTION: forcing a failure.
[  244.040186][T10511] name failslab, interval 1, probability 0, space 0, times 0
[  244.042100][T10480] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  244.042110][T10480] RSP: 002b:00007f77f0e4bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  244.042125][T10480] RAX: ffffffffffffffda RBX: 00007f77f0e4bc90 RCX: 0000000000457f29
[  244.042133][T10480] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  244.042150][T10480] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  244.087983][T10480] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f77f0e4c6d4
[  244.108373][T10480] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  244.200918][T10480] Bluetooth: Can't register HCI device
[  244.209747][T10511] CPU: 0 PID: 10511 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  244.223517][T10511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  244.223524][T10511] Call Trace:
[  244.223549][T10511]  dump_stack+0x172/0x1f0
[  244.223570][T10511]  should_fail.cold+0xa/0x15
[  244.223589][T10511]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  244.223607][T10511]  ? ___might_sleep+0x163/0x280
[  244.223626][T10511]  __should_failslab+0x121/0x190
[  244.223641][T10511]  should_failslab+0x9/0x14
[  244.223656][T10511]  kmem_cache_alloc_node+0x264/0x710
[  244.223680][T10511]  __alloc_skb+0xd5/0x5e0
[  244.223701][T10511]  ? skb_trim+0x190/0x190
[  244.237297][T10511]  ? find_get_entry+0x535/0x880
[  244.266545][T10511]  vhci_write+0xc4/0x470
[  244.266568][T10511]  new_sync_write+0x4c7/0x760
[  244.266589][T10511]  ? default_llseek+0x2e0/0x2e0
[  244.276997][T10511]  ? copy_page_to_iter+0x4e7/0xd60
[  244.277030][T10511]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  244.277051][T10511]  ? put_page+0xce/0x130
[  244.315643][T10511]  __vfs_write+0xe4/0x110
[  244.319988][T10511]  __kernel_write+0x110/0x3b0
[  244.320008][T10511]  write_pipe_buf+0x15d/0x1f0
[  244.320036][T10511]  ? aa_file_perm+0x432/0xeb0
[  244.320051][T10511]  ? do_splice_direct+0x2a0/0x2a0
[  244.320068][T10511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  244.320093][T10511]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  244.329911][T10511]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  244.329931][T10511]  __splice_from_pipe+0x395/0x7d0
18:24:57 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:57 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  244.329946][T10511]  ? do_splice_direct+0x2a0/0x2a0
[  244.329966][T10511]  ? do_splice_direct+0x2a0/0x2a0
[  244.329985][T10511]  splice_from_pipe+0x108/0x170
[  244.339670][T10511]  ? splice_shrink_spd+0xd0/0xd0
[  244.339700][T10511]  default_file_splice_write+0x3c/0x90
[  244.339713][T10511]  ? generic_splice_sendpage+0x50/0x50
[  244.339727][T10511]  direct_splice_actor+0x126/0x1a0
[  244.339751][T10511]  splice_direct_to_actor+0x369/0x970
[  244.352076][T10511]  ? generic_pipe_buf_nosteal+0x10/0x10
[  244.352096][T10511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  244.352110][T10511]  ? do_splice_to+0x190/0x190
[  244.352129][T10511]  ? rw_verify_area+0x118/0x360
[  244.352145][T10511]  do_splice_direct+0x1da/0x2a0
[  244.352168][T10511]  ? splice_direct_to_actor+0x970/0x970
[  244.363453][T10511]  ? rw_verify_area+0x118/0x360
[  244.363471][T10511]  do_sendfile+0x597/0xd00
[  244.363496][T10511]  ? do_compat_pwritev64+0x1c0/0x1c0
[  244.363517][T10511]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  244.363530][T10511]  ? _copy_from_user+0xdd/0x150
[  244.363549][T10511]  __x64_sys_sendfile64+0x15a/0x220
[  244.373587][T10511]  ? __ia32_sys_sendfile+0x230/0x230
[  244.373605][T10511]  ? do_syscall_64+0x26/0x610
[  244.373622][T10511]  ? lockdep_hardirqs_on+0x418/0x5d0
[  244.373639][T10511]  ? trace_hardirqs_on+0x67/0x230
[  244.373660][T10511]  do_syscall_64+0x103/0x610
[  244.383438][T10511]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  244.383450][T10511] RIP: 0033:0x457f29
[  244.383466][T10511] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  244.383474][T10511] RSP: 002b:00007faa78a30c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  244.383489][T10511] RAX: ffffffffffffffda RBX: 00007faa78a30c90 RCX: 0000000000457f29
[  244.383498][T10511] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  244.383506][T10511] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  244.383514][T10511] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a316d4
18:24:57 executing program 1 (fault-call:5 fault-nth:3):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:57 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x0)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  244.383530][T10511] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:57 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2, 0x2)

18:24:58 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:58 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:24:58 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  244.798829][T10533] FAULT_INJECTION: forcing a failure.
[  244.798829][T10533] name failslab, interval 1, probability 0, space 0, times 0
[  244.852417][T10533] CPU: 0 PID: 10533 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  244.861144][T10533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  244.871211][T10533] Call Trace:
[  244.871240][T10533]  dump_stack+0x172/0x1f0
[  244.871269][T10533]  should_fail.cold+0xa/0x15
[  244.878884][T10533]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  244.889261][T10533]  ? ___might_sleep+0x163/0x280
[  244.894177][T10533]  __should_failslab+0x121/0x190
[  244.899133][T10533]  should_failslab+0x9/0x14
[  244.903675][T10533]  kmem_cache_alloc_node_trace+0x270/0x720
[  244.909516][T10533]  __kmalloc_node_track_caller+0x3d/0x70
[  244.915254][T10533]  __kmalloc_reserve.isra.0+0x40/0xf0
[  244.920735][T10533]  __alloc_skb+0x10b/0x5e0
[  244.925167][T10533]  ? skb_trim+0x190/0x190
[  244.929511][T10533]  ? find_get_entry+0x535/0x880
[  244.934376][T10533]  vhci_write+0xc4/0x470
[  244.938631][T10533]  new_sync_write+0x4c7/0x760
[  244.943329][T10533]  ? default_llseek+0x2e0/0x2e0
[  244.948192][T10533]  ? copy_page_to_iter+0x4e7/0xd60
[  244.953328][T10533]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  244.959663][T10533]  ? put_page+0xce/0x130
[  244.963921][T10533]  __vfs_write+0xe4/0x110
[  244.968262][T10533]  __kernel_write+0x110/0x3b0
[  244.972949][T10533]  write_pipe_buf+0x15d/0x1f0
[  244.977628][T10533]  ? aa_file_perm+0x432/0xeb0
[  244.982312][T10533]  ? do_splice_direct+0x2a0/0x2a0
[  244.987340][T10533]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  244.993679][T10533]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  244.999751][T10533]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  245.006004][T10533]  __splice_from_pipe+0x395/0x7d0
[  245.011060][T10533]  ? do_splice_direct+0x2a0/0x2a0
[  245.016096][T10533]  ? do_splice_direct+0x2a0/0x2a0
[  245.021128][T10533]  splice_from_pipe+0x108/0x170
[  245.025990][T10533]  ? splice_shrink_spd+0xd0/0xd0
[  245.030956][T10533]  default_file_splice_write+0x3c/0x90
[  245.036424][T10533]  ? generic_splice_sendpage+0x50/0x50
[  245.041896][T10533]  direct_splice_actor+0x126/0x1a0
[  245.047035][T10533]  splice_direct_to_actor+0x369/0x970
[  245.052444][T10533]  ? generic_pipe_buf_nosteal+0x10/0x10
[  245.058010][T10533]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  245.064272][T10533]  ? do_splice_to+0x190/0x190
[  245.068967][T10533]  ? rw_verify_area+0x118/0x360
[  245.073842][T10533]  do_splice_direct+0x1da/0x2a0
[  245.078696][T10533]  ? splice_direct_to_actor+0x970/0x970
[  245.084257][T10533]  ? rw_verify_area+0x118/0x360
[  245.089116][T10533]  do_sendfile+0x597/0xd00
[  245.093552][T10533]  ? do_compat_pwritev64+0x1c0/0x1c0
[  245.098854][T10533]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  245.105133][T10533]  ? _copy_from_user+0xdd/0x150
[  245.110167][T10533]  __x64_sys_sendfile64+0x15a/0x220
[  245.115379][T10533]  ? __ia32_sys_sendfile+0x230/0x230
[  245.120686][T10533]  ? do_syscall_64+0x26/0x610
[  245.125376][T10533]  ? lockdep_hardirqs_on+0x418/0x5d0
[  245.130666][T10533]  ? trace_hardirqs_on+0x67/0x230
[  245.135704][T10533]  do_syscall_64+0x103/0x610
[  245.140308][T10533]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  245.146202][T10533] RIP: 0033:0x457f29
[  245.150104][T10533] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  245.169710][T10533] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  245.178136][T10533] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
[  245.186304][T10533] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  245.194287][T10533] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:24:58 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:58 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(0x0, 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  245.202300][T10533] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  245.210305][T10533] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:58 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3, 0x2)

18:24:58 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 1 (fault-call:5 fault-nth:4):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:58 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:58 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4, 0x2)

18:24:58 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:24:58 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:24:58 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5, 0x2)

18:24:58 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  245.562729][T10578] FAULT_INJECTION: forcing a failure.
[  245.562729][T10578] name failslab, interval 1, probability 0, space 0, times 0
18:24:58 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

[  245.662727][T10578] CPU: 0 PID: 10578 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  245.671562][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  245.681636][T10578] Call Trace:
[  245.685000][T10578]  dump_stack+0x172/0x1f0
[  245.689409][T10578]  should_fail.cold+0xa/0x15
[  245.694036][T10578]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  245.699877][T10578]  ? ___might_sleep+0x163/0x280
[  245.704745][T10578]  __should_failslab+0x121/0x190
18:24:59 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

[  245.709689][T10578]  should_failslab+0x9/0x14
[  245.714201][T10578]  kmem_cache_alloc_node_trace+0x270/0x720
[  245.720040][T10578]  __kmalloc_node_track_caller+0x3d/0x70
[  245.725690][T10578]  __kmalloc_reserve.isra.0+0x40/0xf0
[  245.731081][T10578]  __alloc_skb+0x10b/0x5e0
[  245.735512][T10578]  ? skb_trim+0x190/0x190
[  245.739854][T10578]  ? find_get_entry+0x535/0x880
[  245.739876][T10578]  vhci_write+0xc4/0x470
[  245.739896][T10578]  new_sync_write+0x4c7/0x760
[  245.739917][T10578]  ? default_llseek+0x2e0/0x2e0
18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  245.758504][T10578]  ? copy_page_to_iter+0x4e7/0xd60
[  245.763643][T10578]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  245.769895][T10578]  ? put_page+0xce/0x130
[  245.774195][T10578]  __vfs_write+0xe4/0x110
[  245.778630][T10578]  __kernel_write+0x110/0x3b0
[  245.783333][T10578]  write_pipe_buf+0x15d/0x1f0
[  245.788032][T10578]  ? aa_file_perm+0x432/0xeb0
[  245.792726][T10578]  ? do_splice_direct+0x2a0/0x2a0
[  245.792745][T10578]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  245.792765][T10578]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  245.804019][T10578]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  245.804049][T10578]  __splice_from_pipe+0x395/0x7d0
[  245.804063][T10578]  ? do_splice_direct+0x2a0/0x2a0
[  245.804084][T10578]  ? do_splice_direct+0x2a0/0x2a0
[  245.804097][T10578]  splice_from_pipe+0x108/0x170
[  245.804117][T10578]  ? splice_shrink_spd+0xd0/0xd0
[  245.841495][T10578]  default_file_splice_write+0x3c/0x90
[  245.846969][T10578]  ? generic_splice_sendpage+0x50/0x50
[  245.852454][T10578]  direct_splice_actor+0x126/0x1a0
[  245.857592][T10578]  splice_direct_to_actor+0x369/0x970
[  245.862981][T10578]  ? generic_pipe_buf_nosteal+0x10/0x10
[  245.868553][T10578]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  245.874802][T10578]  ? do_splice_to+0x190/0x190
[  245.879500][T10578]  ? rw_verify_area+0x118/0x360
[  245.884369][T10578]  do_splice_direct+0x1da/0x2a0
[  245.889238][T10578]  ? splice_direct_to_actor+0x970/0x970
[  245.889266][T10578]  ? rw_verify_area+0x118/0x360
[  245.889291][T10578]  do_sendfile+0x597/0xd00
[  245.889316][T10578]  ? do_compat_pwritev64+0x1c0/0x1c0
[  245.904236][T10578]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  245.904256][T10578]  ? _copy_from_user+0xdd/0x150
[  245.904277][T10578]  __x64_sys_sendfile64+0x15a/0x220
[  245.926196][T10578]  ? __ia32_sys_sendfile+0x230/0x230
[  245.931517][T10578]  ? do_syscall_64+0x26/0x610
[  245.936207][T10578]  ? lockdep_hardirqs_on+0x418/0x5d0
[  245.941527][T10578]  ? trace_hardirqs_on+0x67/0x230
[  245.946569][T10578]  do_syscall_64+0x103/0x610
[  245.951181][T10578]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  245.957083][T10578] RIP: 0033:0x457f29
[  245.960989][T10578] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  245.980696][T10578] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  245.989115][T10578] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
[  245.997094][T10578] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  246.005078][T10578] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  246.013067][T10578] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  246.021058][T10578] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:24:59 executing program 1 (fault-call:5 fault-nth:5):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:59 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:24:59 executing program 0 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:24:59 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:24:59 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6, 0x2)

18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  246.160919][T10613] FAULT_INJECTION: forcing a failure.
[  246.160919][T10613] name failslab, interval 1, probability 0, space 0, times 0
[  246.195880][T10613] CPU: 1 PID: 10613 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d1dff4efee39b224493b7e00fee309bb5ff84c5302046e2348a56c1b13b5874b620a5d49f9d3817d6145f80eddab5b1c5ef36aa"], 0x66)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  246.204610][T10613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  246.214703][T10613] Call Trace:
[  246.218009][T10613]  dump_stack+0x172/0x1f0
[  246.222832][T10613]  should_fail.cold+0xa/0x15
[  246.227445][T10613]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  246.227470][T10613]  ? ___might_sleep+0x163/0x280
[  246.227493][T10613]  __should_failslab+0x121/0x190
[  246.227513][T10613]  should_failslab+0x9/0x14
[  246.227538][T10613]  kmem_cache_alloc_node+0x264/0x710
[  246.239485][T10626] FAULT_INJECTION: forcing a failure.
[  246.239485][T10626] name failslab, interval 1, probability 0, space 0, times 0
[  246.243569][T10613]  __alloc_skb+0xd5/0x5e0
[  246.243590][T10613]  ? skb_trim+0x190/0x190
[  246.253370][T10613]  ? vhci_write+0x2b3/0x470
[  246.280664][T10613]  ? rcu_read_lock_sched_held+0x110/0x130
[  246.286394][T10613]  ? kmem_cache_free+0x225/0x260
[  246.291349][T10613]  __vhci_create_device+0x88/0x5a0
[  246.296472][T10613]  vhci_write+0x2d0/0x470
[  246.300825][T10613]  new_sync_write+0x4c7/0x760
[  246.305519][T10613]  ? default_llseek+0x2e0/0x2e0
[  246.310385][T10613]  ? copy_page_to_iter+0x4e7/0xd60
[  246.315509][T10613]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  246.322209][T10613]  ? put_page+0xce/0x130
[  246.326477][T10613]  __vfs_write+0xe4/0x110
[  246.330831][T10613]  __kernel_write+0x110/0x3b0
[  246.335524][T10613]  write_pipe_buf+0x15d/0x1f0
[  246.340208][T10613]  ? aa_file_perm+0x432/0xeb0
[  246.344891][T10613]  ? do_splice_direct+0x2a0/0x2a0
[  246.349925][T10613]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  246.356188][T10613]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  246.362358][T10613]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  246.368632][T10613]  __splice_from_pipe+0x395/0x7d0
[  246.373664][T10613]  ? do_splice_direct+0x2a0/0x2a0
[  246.378712][T10613]  ? do_splice_direct+0x2a0/0x2a0
[  246.383744][T10613]  splice_from_pipe+0x108/0x170
[  246.388612][T10613]  ? splice_shrink_spd+0xd0/0xd0
[  246.393567][T10613]  default_file_splice_write+0x3c/0x90
[  246.399045][T10613]  ? generic_splice_sendpage+0x50/0x50
[  246.404518][T10613]  direct_splice_actor+0x126/0x1a0
18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  246.409644][T10613]  splice_direct_to_actor+0x369/0x970
[  246.415042][T10613]  ? generic_pipe_buf_nosteal+0x10/0x10
[  246.420606][T10613]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  246.427328][T10613]  ? do_splice_to+0x190/0x190
[  246.432011][T10613]  ? rw_verify_area+0x118/0x360
[  246.432038][T10613]  do_splice_direct+0x1da/0x2a0
[  246.432055][T10613]  ? splice_direct_to_actor+0x970/0x970
[  246.432078][T10613]  ? rw_verify_area+0x118/0x360
[  246.432096][T10613]  do_sendfile+0x597/0xd00
[  246.432119][T10613]  ? do_compat_pwritev64+0x1c0/0x1c0
[  246.462749][T10613]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  246.469041][T10613]  ? _copy_from_user+0xdd/0x150
[  246.473907][T10613]  __x64_sys_sendfile64+0x15a/0x220
[  246.479119][T10613]  ? __ia32_sys_sendfile+0x230/0x230
[  246.484413][T10613]  ? do_syscall_64+0x26/0x610
[  246.489103][T10613]  ? lockdep_hardirqs_on+0x418/0x5d0
[  246.494404][T10613]  ? trace_hardirqs_on+0x67/0x230
[  246.499442][T10613]  do_syscall_64+0x103/0x610
[  246.504052][T10613]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  246.509949][T10613] RIP: 0033:0x457f29
[  246.514034][T10613] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.534195][T10613] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  246.542619][T10613] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
[  246.550691][T10613] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  246.558673][T10613] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  246.566654][T10613] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  246.574641][T10613] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  246.591150][T10626] CPU: 0 PID: 10626 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  246.599963][T10626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:24:59 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, 0x0, 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  246.610122][T10626] Call Trace:
[  246.613430][T10626]  dump_stack+0x172/0x1f0
[  246.617770][T10626]  should_fail.cold+0xa/0x15
[  246.622368][T10626]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  246.628199][T10626]  ? ___might_sleep+0x163/0x280
[  246.633105][T10626]  __should_failslab+0x121/0x190
[  246.638065][T10626]  should_failslab+0x9/0x14
[  246.642579][T10626]  kmem_cache_alloc_trace+0x2d1/0x760
[  246.647966][T10626]  ? kasan_check_read+0x11/0x20
[  246.652834][T10626]  alloc_pipe_info+0xb9/0x430
[  246.657520][T10626]  splice_direct_to_actor+0x775/0x970
[  246.662906][T10626]  ? common_file_perm+0x238/0x720
[  246.667919][T10626]  ? generic_pipe_buf_nosteal+0x10/0x10
[  246.673457][T10626]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  246.679680][T10626]  ? do_splice_to+0x190/0x190
[  246.684345][T10626]  ? rw_verify_area+0x118/0x360
[  246.689180][T10626]  do_splice_direct+0x1da/0x2a0
[  246.694065][T10626]  ? splice_direct_to_actor+0x970/0x970
[  246.699806][T10626]  ? rw_verify_area+0x118/0x360
[  246.704650][T10626]  do_sendfile+0x597/0xd00
[  246.709071][T10626]  ? do_compat_pwritev64+0x1c0/0x1c0
[  246.714351][T10626]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  246.720592][T10626]  ? _copy_from_user+0xdd/0x150
[  246.725516][T10626]  __x64_sys_sendfile64+0x15a/0x220
[  246.730698][T10626]  ? __ia32_sys_sendfile+0x230/0x230
[  246.735969][T10626]  ? do_syscall_64+0x26/0x610
[  246.740632][T10626]  ? lockdep_hardirqs_on+0x418/0x5d0
[  246.745900][T10626]  ? trace_hardirqs_on+0x67/0x230
[  246.750914][T10626]  do_syscall_64+0x103/0x610
[  246.755490][T10626]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  246.761361][T10626] RIP: 0033:0x457f29
[  246.765247][T10626] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  246.784866][T10626] RSP: 002b:00007f45b2815c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  246.796957][T10626] RAX: ffffffffffffffda RBX: 00007f45b2815c90 RCX: 0000000000457f29
[  246.805051][T10626] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:00 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7, 0x2)

[  246.813015][T10626] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  246.821002][T10626] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28166d4
[  246.828984][T10626] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:00 executing program 1 (fault-call:5 fault-nth:6):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:00 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:25:00 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:00 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:00 executing program 0 (fault-call:5 fault-nth:1):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:00 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x8, 0x2)

[  247.018915][T10651] FAULT_INJECTION: forcing a failure.
[  247.018915][T10651] name failslab, interval 1, probability 0, space 0, times 0
[  247.095431][T10651] CPU: 1 PID: 10651 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  247.104174][T10651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.114243][T10651] Call Trace:
[  247.117559][T10651]  dump_stack+0x172/0x1f0
[  247.122397][T10651]  should_fail.cold+0xa/0x15
[  247.127006][T10651]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  247.132837][T10651]  ? ___might_sleep+0x163/0x280
[  247.137701][T10651]  __should_failslab+0x121/0x190
[  247.142659][T10651]  should_failslab+0x9/0x14
[  247.147181][T10651]  kmem_cache_alloc_trace+0x2d1/0x760
[  247.148138][T10665] FAULT_INJECTION: forcing a failure.
[  247.148138][T10665] name failslab, interval 1, probability 0, space 0, times 0
[  247.152571][T10651]  ? skb_trim+0x190/0x190
[  247.152587][T10651]  ? vhci_write+0x2b3/0x470
[  247.152601][T10651]  ? rcu_read_lock_sched_held+0x110/0x130
[  247.152619][T10651]  hci_alloc_dev+0x43/0x1d00
[  247.152635][T10651]  __vhci_create_device+0x101/0x5a0
[  247.152651][T10651]  vhci_write+0x2d0/0x470
[  247.152670][T10651]  new_sync_write+0x4c7/0x760
[  247.152688][T10651]  ? default_llseek+0x2e0/0x2e0
[  247.152704][T10651]  ? copy_page_to_iter+0x4e7/0xd60
[  247.152728][T10651]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  247.214766][T10651]  ? put_page+0xce/0x130
[  247.219055][T10651]  __vfs_write+0xe4/0x110
[  247.223873][T10651]  __kernel_write+0x110/0x3b0
[  247.228562][T10651]  write_pipe_buf+0x15d/0x1f0
[  247.233257][T10651]  ? aa_file_perm+0x432/0xeb0
[  247.237967][T10651]  ? do_splice_direct+0x2a0/0x2a0
[  247.243005][T10651]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.249267][T10651]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  247.255461][T10651]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  247.262163][T10651]  __splice_from_pipe+0x395/0x7d0
[  247.262179][T10651]  ? do_splice_direct+0x2a0/0x2a0
[  247.262198][T10651]  ? do_splice_direct+0x2a0/0x2a0
[  247.262211][T10651]  splice_from_pipe+0x108/0x170
[  247.262226][T10651]  ? splice_shrink_spd+0xd0/0xd0
[  247.262255][T10651]  default_file_splice_write+0x3c/0x90
[  247.262268][T10651]  ? generic_splice_sendpage+0x50/0x50
[  247.262288][T10651]  direct_splice_actor+0x126/0x1a0
[  247.282182][T10651]  splice_direct_to_actor+0x369/0x970
[  247.282201][T10651]  ? generic_pipe_buf_nosteal+0x10/0x10
[  247.282223][T10651]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.298056][T10651]  ? do_splice_to+0x190/0x190
[  247.298078][T10651]  ? rw_verify_area+0x118/0x360
[  247.298096][T10651]  do_splice_direct+0x1da/0x2a0
[  247.298117][T10651]  ? splice_direct_to_actor+0x970/0x970
[  247.340720][T10651]  ? rw_verify_area+0x118/0x360
[  247.345591][T10651]  do_sendfile+0x597/0xd00
[  247.350041][T10651]  ? do_compat_pwritev64+0x1c0/0x1c0
[  247.355347][T10651]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  247.361590][T10651]  ? _copy_from_user+0xdd/0x150
[  247.366456][T10651]  __x64_sys_sendfile64+0x15a/0x220
[  247.371660][T10651]  ? __ia32_sys_sendfile+0x230/0x230
[  247.376950][T10651]  ? do_syscall_64+0x26/0x610
[  247.381640][T10651]  ? lockdep_hardirqs_on+0x418/0x5d0
[  247.386934][T10651]  ? trace_hardirqs_on+0x67/0x230
[  247.392480][T10651]  do_syscall_64+0x103/0x610
[  247.397083][T10651]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  247.402983][T10651] RIP: 0033:0x457f29
[  247.406884][T10651] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  247.426978][T10651] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  247.435406][T10651] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
18:25:00 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  247.443388][T10651] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  247.451378][T10651] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  247.459368][T10651] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  247.467356][T10651] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  247.475362][T10665] CPU: 0 PID: 10665 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  247.484060][T10665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:25:00 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

[  247.494128][T10665] Call Trace:
[  247.497433][T10665]  dump_stack+0x172/0x1f0
[  247.501787][T10665]  should_fail.cold+0xa/0x15
[  247.506410][T10665]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  247.512233][T10665]  ? ___might_sleep+0x163/0x280
[  247.517115][T10665]  __should_failslab+0x121/0x190
[  247.522078][T10665]  should_failslab+0x9/0x14
[  247.526623][T10665]  __kmalloc+0x2dc/0x740
[  247.530887][T10665]  ? kmem_cache_alloc_trace+0x354/0x760
[  247.536563][T10665]  ? kasan_check_read+0x11/0x20
[  247.541431][T10665]  ? alloc_pipe_info+0x199/0x430
18:25:00 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:00 executing program 1 (fault-call:5 fault-nth:7):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  247.546401][T10665]  alloc_pipe_info+0x199/0x430
[  247.551197][T10665]  splice_direct_to_actor+0x775/0x970
[  247.556579][T10665]  ? common_file_perm+0x238/0x720
[  247.561632][T10665]  ? generic_pipe_buf_nosteal+0x10/0x10
[  247.567202][T10665]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.573478][T10665]  ? do_splice_to+0x190/0x190
[  247.578192][T10665]  ? rw_verify_area+0x118/0x360
[  247.583080][T10665]  do_splice_direct+0x1da/0x2a0
[  247.587955][T10665]  ? splice_direct_to_actor+0x970/0x970
[  247.593717][T10665]  ? rw_verify_area+0x118/0x360
[  247.598630][T10665]  do_sendfile+0x597/0xd00
[  247.603096][T10665]  ? do_compat_pwritev64+0x1c0/0x1c0
[  247.606461][T10676] FAULT_INJECTION: forcing a failure.
[  247.606461][T10676] name failslab, interval 1, probability 0, space 0, times 0
[  247.608406][T10665]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  247.608421][T10665]  ? _copy_from_user+0xdd/0x150
[  247.608443][T10665]  __x64_sys_sendfile64+0x15a/0x220
[  247.637373][T10665]  ? __ia32_sys_sendfile+0x230/0x230
[  247.642791][T10665]  ? do_syscall_64+0x26/0x610
[  247.647500][T10665]  ? lockdep_hardirqs_on+0x418/0x5d0
[  247.652808][T10665]  ? trace_hardirqs_on+0x67/0x230
[  247.657851][T10665]  do_syscall_64+0x103/0x610
[  247.662479][T10665]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  247.668400][T10665] RIP: 0033:0x457f29
[  247.672318][T10665] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  247.691936][T10665] RSP: 002b:00007f45b2815c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  247.700371][T10665] RAX: ffffffffffffffda RBX: 00007f45b2815c90 RCX: 0000000000457f29
[  247.708365][T10665] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  247.716350][T10665] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  247.724336][T10665] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28166d4
[  247.732326][T10665] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  247.740354][T10676] CPU: 1 PID: 10676 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
[  247.749062][T10676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  247.759142][T10676] Call Trace:
[  247.762460][T10676]  dump_stack+0x172/0x1f0
[  247.766821][T10676]  should_fail.cold+0xa/0x15
[  247.771438][T10676]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  247.777324][T10676]  ? ___might_sleep+0x163/0x280
[  247.782197][T10676]  __should_failslab+0x121/0x190
[  247.787155][T10676]  should_failslab+0x9/0x14
[  247.791765][T10676]  __kmalloc+0x2dc/0x740
18:25:01 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  247.796061][T10676]  ? alloc_workqueue+0x13c/0xe70
[  247.801045][T10676]  alloc_workqueue+0x13c/0xe70
[  247.805837][T10676]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  247.811572][T10676]  ? scnprintf+0x140/0x140
[  247.816006][T10676]  ? __init_waitqueue_head+0x36/0x90
[  247.821827][T10676]  hci_register_dev+0x1b8/0x860
[  247.826705][T10676]  ? hci_init_sysfs+0x7c/0xa0
[  247.831433][T10676]  __vhci_create_device+0x2d0/0x5a0
[  247.836647][T10676]  vhci_write+0x2d0/0x470
[  247.841103][T10676]  new_sync_write+0x4c7/0x760
18:25:01 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  247.845805][T10676]  ? default_llseek+0x2e0/0x2e0
[  247.850677][T10676]  ? copy_page_to_iter+0x4e7/0xd60
[  247.855814][T10676]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  247.862079][T10676]  ? put_page+0xce/0x130
[  247.866347][T10676]  __vfs_write+0xe4/0x110
[  247.870699][T10676]  __kernel_write+0x110/0x3b0
[  247.875398][T10676]  write_pipe_buf+0x15d/0x1f0
[  247.880093][T10676]  ? aa_file_perm+0x432/0xeb0
[  247.880111][T10676]  ? do_splice_direct+0x2a0/0x2a0
[  247.880129][T10676]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.880145][T10676]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  247.880158][T10676]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  247.880175][T10676]  __splice_from_pipe+0x395/0x7d0
[  247.880188][T10676]  ? do_splice_direct+0x2a0/0x2a0
[  247.880207][T10676]  ? do_splice_direct+0x2a0/0x2a0
[  247.880221][T10676]  splice_from_pipe+0x108/0x170
[  247.880239][T10676]  ? splice_shrink_spd+0xd0/0xd0
[  247.880265][T10676]  default_file_splice_write+0x3c/0x90
[  247.880277][T10676]  ? generic_splice_sendpage+0x50/0x50
18:25:01 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  247.880304][T10676]  direct_splice_actor+0x126/0x1a0
[  247.890053][T10676]  splice_direct_to_actor+0x369/0x970
[  247.890074][T10676]  ? generic_pipe_buf_nosteal+0x10/0x10
[  247.890093][T10676]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  247.890105][T10676]  ? do_splice_to+0x190/0x190
[  247.890125][T10676]  ? rw_verify_area+0x118/0x360
[  247.890141][T10676]  do_splice_direct+0x1da/0x2a0
[  247.890157][T10676]  ? splice_direct_to_actor+0x970/0x970
[  247.890181][T10676]  ? rw_verify_area+0x118/0x360
[  247.890205][T10676]  do_sendfile+0x597/0xd00
[  247.996338][T10676]  ? do_compat_pwritev64+0x1c0/0x1c0
[  248.001648][T10676]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  248.007900][T10676]  ? _copy_from_user+0xdd/0x150
[  248.012771][T10676]  __x64_sys_sendfile64+0x15a/0x220
[  248.017997][T10676]  ? __ia32_sys_sendfile+0x230/0x230
[  248.024325][T10676]  ? do_syscall_64+0x26/0x610
[  248.029018][T10676]  ? lockdep_hardirqs_on+0x418/0x5d0
[  248.034333][T10676]  ? trace_hardirqs_on+0x67/0x230
[  248.039382][T10676]  do_syscall_64+0x103/0x610
[  248.043991][T10676]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  248.049900][T10676] RIP: 0033:0x457f29
[  248.053814][T10676] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  248.073522][T10676] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  248.073537][T10676] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
[  248.073544][T10676] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:01 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  248.073551][T10676] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  248.073558][T10676] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  248.073566][T10676] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  248.091156][T10676] Bluetooth: Can't register HCI device
18:25:01 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa, 0x2)

18:25:01 executing program 0 (fault-call:5 fault-nth:2):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:01 executing program 1 (fault-call:5 fault-nth:8):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:01 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x0)

18:25:01 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  248.290650][   T26] audit: type=1800 audit(1552501501.586:36): pid=10696 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="sda1" ino=16735 res=0
[  248.354092][T10703] FAULT_INJECTION: forcing a failure.
[  248.354092][T10703] name failslab, interval 1, probability 0, space 0, times 0
[  248.376605][T10703] CPU: 0 PID: 10703 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  248.385353][T10703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  248.385370][T10703] Call Trace:
[  248.399266][T10703]  dump_stack+0x172/0x1f0
[  248.399397][T10704] FAULT_INJECTION: forcing a failure.
[  248.399397][T10704] name failslab, interval 1, probability 0, space 0, times 0
[  248.403634][T10703]  should_fail.cold+0xa/0x15
[  248.403653][T10703]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  248.403676][T10703]  ? ___might_sleep+0x163/0x280
[  248.431499][T10703]  __should_failslab+0x121/0x190
[  248.431518][T10703]  should_failslab+0x9/0x14
[  248.431534][T10703]  kmem_cache_alloc_node+0x264/0x710
[  248.431560][T10703]  __alloc_skb+0xd5/0x5e0
[  248.431579][T10703]  ? skb_trim+0x190/0x190
[  248.446334][T10703]  ? find_get_entry+0x535/0x880
[  248.446369][T10703]  vhci_write+0xc4/0x470
[  248.459876][T10703]  new_sync_write+0x4c7/0x760
[  248.459896][T10703]  ? default_llseek+0x2e0/0x2e0
[  248.459915][T10703]  ? copy_page_to_iter+0x4e7/0xd60
[  248.459935][T10703]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  248.459949][T10703]  ? put_page+0xce/0x130
[  248.459974][T10703]  __vfs_write+0xe4/0x110
[  248.493624][T10703]  __kernel_write+0x110/0x3b0
[  248.498323][T10703]  write_pipe_buf+0x15d/0x1f0
[  248.503020][T10703]  ? aa_file_perm+0x432/0xeb0
[  248.507722][T10703]  ? do_splice_direct+0x2a0/0x2a0
[  248.512854][T10703]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  248.519116][T10703]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  248.525200][T10703]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  248.531467][T10703]  __splice_from_pipe+0x395/0x7d0
[  248.536509][T10703]  ? do_splice_direct+0x2a0/0x2a0
[  248.541561][T10703]  ? do_splice_direct+0x2a0/0x2a0
[  248.546595][T10703]  splice_from_pipe+0x108/0x170
[  248.551462][T10703]  ? splice_shrink_spd+0xd0/0xd0
[  248.556449][T10703]  default_file_splice_write+0x3c/0x90
[  248.561925][T10703]  ? generic_splice_sendpage+0x50/0x50
[  248.567403][T10703]  direct_splice_actor+0x126/0x1a0
[  248.572539][T10703]  splice_direct_to_actor+0x369/0x970
[  248.577930][T10703]  ? generic_pipe_buf_nosteal+0x10/0x10
[  248.583497][T10703]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  248.589749][T10703]  ? do_splice_to+0x190/0x190
[  248.594458][T10703]  ? rw_verify_area+0x118/0x360
[  248.599344][T10703]  do_splice_direct+0x1da/0x2a0
[  248.604214][T10703]  ? splice_direct_to_actor+0x970/0x970
[  248.609782][T10703]  ? rw_verify_area+0x118/0x360
[  248.614661][T10703]  do_sendfile+0x597/0xd00
[  248.619101][T10703]  ? do_compat_pwritev64+0x1c0/0x1c0
[  248.624400][T10703]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  248.630655][T10703]  ? _copy_from_user+0xdd/0x150
[  248.635524][T10703]  __x64_sys_sendfile64+0x15a/0x220
[  248.640734][T10703]  ? __ia32_sys_sendfile+0x230/0x230
[  248.646045][T10703]  ? do_syscall_64+0x26/0x610
[  248.650732][T10703]  ? lockdep_hardirqs_on+0x418/0x5d0
[  248.656034][T10703]  ? trace_hardirqs_on+0x67/0x230
[  248.661071][T10703]  do_syscall_64+0x103/0x610
[  248.665670][T10703]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  248.671564][T10703] RIP: 0033:0x457f29
[  248.675462][T10703] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  248.695072][T10703] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  248.703497][T10703] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  248.711478][T10703] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  248.719575][T10703] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  248.727697][T10703] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  248.735677][T10703] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  248.743688][T10704] CPU: 1 PID: 10704 Comm: syz-executor.1 Not tainted 5.0.0-next-20190306 #4
18:25:02 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:02 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10, 0x2)

[  248.752380][T10704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  248.762453][T10704] Call Trace:
[  248.765764][T10704]  dump_stack+0x172/0x1f0
[  248.770128][T10704]  should_fail.cold+0xa/0x15
[  248.774739][T10704]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  248.780570][T10704]  ? ___might_sleep+0x163/0x280
[  248.785449][T10704]  __should_failslab+0x121/0x190
[  248.790400][T10704]  should_failslab+0x9/0x14
[  248.794926][T10704]  kmem_cache_alloc_trace+0x2d1/0x760
[  248.800326][T10704]  ? rcu_read_lock_sched_held+0x110/0x130
[  248.806072][T10704]  ? __kmalloc+0x5d5/0x740
[  248.810515][T10704]  alloc_workqueue_attrs+0x82/0x120
[  248.815733][T10704]  alloc_workqueue+0x166/0xe70
[  248.820517][T10704]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  248.827009][T10704]  ? scnprintf+0x140/0x140
[  248.831455][T10704]  ? __init_waitqueue_head+0x36/0x90
[  248.836760][T10704]  hci_register_dev+0x1b8/0x860
[  248.841639][T10704]  ? hci_init_sysfs+0x7c/0xa0
[  248.846336][T10704]  __vhci_create_device+0x2d0/0x5a0
[  248.851557][T10704]  vhci_write+0x2d0/0x470
[  248.855909][T10704]  new_sync_write+0x4c7/0x760
[  248.860610][T10704]  ? default_llseek+0x2e0/0x2e0
[  248.865478][T10704]  ? copy_page_to_iter+0x4e7/0xd60
[  248.870609][T10704]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  248.876868][T10704]  ? put_page+0xce/0x130
[  248.881413][T10704]  __vfs_write+0xe4/0x110
[  248.886143][T10704]  __kernel_write+0x110/0x3b0
[  248.890836][T10704]  write_pipe_buf+0x15d/0x1f0
[  248.895516][T10704]  ? aa_file_perm+0x432/0xeb0
[  248.900951][T10704]  ? do_splice_direct+0x2a0/0x2a0
[  248.905982][T10704]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  248.912231][T10704]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  248.918315][T10704]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  248.925069][T10704]  __splice_from_pipe+0x395/0x7d0
[  248.930110][T10704]  ? do_splice_direct+0x2a0/0x2a0
[  248.935160][T10704]  ? do_splice_direct+0x2a0/0x2a0
[  248.940203][T10704]  splice_from_pipe+0x108/0x170
[  248.945066][T10704]  ? splice_shrink_spd+0xd0/0xd0
[  248.950121][T10704]  default_file_splice_write+0x3c/0x90
[  248.955594][T10704]  ? generic_splice_sendpage+0x50/0x50
[  248.961076][T10704]  direct_splice_actor+0x126/0x1a0
[  248.966210][T10704]  splice_direct_to_actor+0x369/0x970
[  248.971615][T10704]  ? generic_pipe_buf_nosteal+0x10/0x10
[  248.977185][T10704]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  248.983446][T10704]  ? do_splice_to+0x190/0x190
[  248.988136][T10704]  ? rw_verify_area+0x118/0x360
[  248.992993][T10704]  do_splice_direct+0x1da/0x2a0
[  248.997879][T10704]  ? splice_direct_to_actor+0x970/0x970
[  249.003441][T10704]  ? rw_verify_area+0x118/0x360
[  249.008296][T10704]  do_sendfile+0x597/0xd00
[  249.012706][T10704]  ? do_compat_pwritev64+0x1c0/0x1c0
[  249.017990][T10704]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  249.024683][T10704]  ? _copy_from_user+0xdd/0x150
[  249.029540][T10704]  __x64_sys_sendfile64+0x15a/0x220
[  249.034748][T10704]  ? __ia32_sys_sendfile+0x230/0x230
[  249.040048][T10704]  ? do_syscall_64+0x26/0x610
[  249.044739][T10704]  ? lockdep_hardirqs_on+0x418/0x5d0
[  249.050050][T10704]  ? trace_hardirqs_on+0x67/0x230
[  249.055102][T10704]  do_syscall_64+0x103/0x610
[  249.059802][T10704]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  249.065693][T10704] RIP: 0033:0x457f29
[  249.069593][T10704] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  249.089403][T10704] RSP: 002b:00007faa78a51c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  249.097821][T10704] RAX: ffffffffffffffda RBX: 00007faa78a51c90 RCX: 0000000000457f29
18:25:02 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:02 executing program 0 (fault-call:5 fault-nth:3):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  249.105788][T10704] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  249.113767][T10704] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  249.121755][T10704] R10: 0000000000000002 R11: 0000000000000246 R12: 00007faa78a526d4
[  249.130234][T10704] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  249.151826][T10704] Bluetooth: Can't register HCI device
18:25:02 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:02 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x0)

18:25:02 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e, 0x2)

[  249.233774][T10722] FAULT_INJECTION: forcing a failure.
[  249.233774][T10722] name failslab, interval 1, probability 0, space 0, times 0
[  249.303257][T10722] CPU: 1 PID: 10722 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  249.311965][T10722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  249.311974][T10722] Call Trace:
[  249.312002][T10722]  dump_stack+0x172/0x1f0
[  249.312039][T10722]  should_fail.cold+0xa/0x15
[  249.312061][T10722]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  249.312084][T10722]  ? ___might_sleep+0x163/0x280
[  249.312106][T10722]  __should_failslab+0x121/0x190
[  249.312131][T10722]  should_failslab+0x9/0x14
[  249.345524][T10722]  kmem_cache_alloc_node_trace+0x270/0x720
[  249.345553][T10722]  __kmalloc_node_track_caller+0x3d/0x70
[  249.345574][T10722]  __kmalloc_reserve.isra.0+0x40/0xf0
[  249.345592][T10722]  __alloc_skb+0x10b/0x5e0
[  249.345610][T10722]  ? skb_trim+0x190/0x190
[  249.360850][T10722]  ? find_get_entry+0x535/0x880
[  249.360874][T10722]  vhci_write+0xc4/0x470
[  249.360896][T10722]  new_sync_write+0x4c7/0x760
[  249.360913][T10722]  ? default_llseek+0x2e0/0x2e0
[  249.360930][T10722]  ? copy_page_to_iter+0x4e7/0xd60
[  249.360949][T10722]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  249.360962][T10722]  ? put_page+0xce/0x130
[  249.360986][T10722]  __vfs_write+0xe4/0x110
[  249.361003][T10722]  __kernel_write+0x110/0x3b0
[  249.361034][T10722]  write_pipe_buf+0x15d/0x1f0
[  249.361050][T10722]  ? aa_file_perm+0x432/0xeb0
[  249.361064][T10722]  ? do_splice_direct+0x2a0/0x2a0
[  249.361085][T10722]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  249.381098][T10722]  ? splice_from_pipe_next.part.0+0x255/0x2f0
18:25:02 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

[  249.381116][T10722]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  249.381142][T10722]  __splice_from_pipe+0x395/0x7d0
[  249.390740][T10722]  ? do_splice_direct+0x2a0/0x2a0
[  249.390763][T10722]  ? do_splice_direct+0x2a0/0x2a0
[  249.390778][T10722]  splice_from_pipe+0x108/0x170
[  249.390801][T10722]  ? splice_shrink_spd+0xd0/0xd0
[  249.390828][T10722]  default_file_splice_write+0x3c/0x90
[  249.390840][T10722]  ? generic_splice_sendpage+0x50/0x50
[  249.390854][T10722]  direct_splice_actor+0x126/0x1a0
[  249.390871][T10722]  splice_direct_to_actor+0x369/0x970
[  249.390887][T10722]  ? generic_pipe_buf_nosteal+0x10/0x10
[  249.390908][T10722]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  249.390921][T10722]  ? do_splice_to+0x190/0x190
[  249.390944][T10722]  ? rw_verify_area+0x118/0x360
[  249.405659][T10722]  do_splice_direct+0x1da/0x2a0
[  249.405678][T10722]  ? splice_direct_to_actor+0x970/0x970
[  249.405705][T10722]  ? rw_verify_area+0x118/0x360
[  249.405725][T10722]  do_sendfile+0x597/0xd00
[  249.416379][T10722]  ? do_compat_pwritev64+0x1c0/0x1c0
[  249.425817][T10722]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  249.425832][T10722]  ? _copy_from_user+0xdd/0x150
[  249.425850][T10722]  __x64_sys_sendfile64+0x15a/0x220
[  249.425872][T10722]  ? __ia32_sys_sendfile+0x230/0x230
[  249.440224][T10722]  ? do_syscall_64+0x26/0x610
[  249.440243][T10722]  ? lockdep_hardirqs_on+0x418/0x5d0
[  249.440261][T10722]  ? trace_hardirqs_on+0x67/0x230
[  249.440278][T10722]  do_syscall_64+0x103/0x610
[  249.440297][T10722]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
18:25:02 executing program 0 (fault-call:5 fault-nth:4):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  249.440309][T10722] RIP: 0033:0x457f29
[  249.440324][T10722] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  249.440331][T10722] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  249.440345][T10722] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  249.440353][T10722] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:02 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x0)

18:25:02 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x48, 0x2)

[  249.440361][T10722] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  249.440369][T10722] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  249.440377][T10722] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  249.695959][T10741] FAULT_INJECTION: forcing a failure.
[  249.695959][T10741] name failslab, interval 1, probability 0, space 0, times 0
[  249.764862][T10741] CPU: 0 PID: 10741 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  249.773589][T10741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  249.783886][T10741] Call Trace:
[  249.783917][T10741]  dump_stack+0x172/0x1f0
[  249.783939][T10741]  should_fail.cold+0xa/0x15
[  249.783961][T10741]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  249.802019][T10741]  ? ___might_sleep+0x163/0x280
[  249.806921][T10741]  __should_failslab+0x121/0x190
[  249.811883][T10741]  should_failslab+0x9/0x14
[  249.816575][T10741]  kmem_cache_alloc_node+0x264/0x710
[  249.821886][T10741]  __alloc_skb+0xd5/0x5e0
[  249.826233][T10741]  ? skb_trim+0x190/0x190
[  249.830663][T10741]  ? vhci_write+0x2b3/0x470
[  249.835178][T10741]  ? rcu_read_lock_sched_held+0x110/0x130
[  249.840925][T10741]  ? kmem_cache_free+0x225/0x260
[  249.845885][T10741]  __vhci_create_device+0x88/0x5a0
[  249.851012][T10741]  vhci_write+0x2d0/0x470
[  249.855376][T10741]  new_sync_write+0x4c7/0x760
[  249.860073][T10741]  ? default_llseek+0x2e0/0x2e0
[  249.864930][T10741]  ? copy_page_to_iter+0x4e7/0xd60
[  249.870063][T10741]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  249.876663][T10741]  ? put_page+0xce/0x130
[  249.880935][T10741]  __vfs_write+0xe4/0x110
[  249.885339][T10741]  __kernel_write+0x110/0x3b0
[  249.890048][T10741]  write_pipe_buf+0x15d/0x1f0
[  249.894913][T10741]  ? aa_file_perm+0x432/0xeb0
[  249.894931][T10741]  ? do_splice_direct+0x2a0/0x2a0
[  249.894948][T10741]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  249.894963][T10741]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  249.894977][T10741]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  249.894995][T10741]  __splice_from_pipe+0x395/0x7d0
[  249.895010][T10741]  ? do_splice_direct+0x2a0/0x2a0
[  249.895044][T10741]  ? do_splice_direct+0x2a0/0x2a0
[  249.895059][T10741]  splice_from_pipe+0x108/0x170
[  249.895077][T10741]  ? splice_shrink_spd+0xd0/0xd0
[  249.895107][T10741]  default_file_splice_write+0x3c/0x90
[  249.895121][T10741]  ? generic_splice_sendpage+0x50/0x50
[  249.895137][T10741]  direct_splice_actor+0x126/0x1a0
[  249.895156][T10741]  splice_direct_to_actor+0x369/0x970
[  249.911107][T10741]  ? generic_pipe_buf_nosteal+0x10/0x10
[  249.911130][T10741]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  249.911148][T10741]  ? do_splice_to+0x190/0x190
[  249.933677][T10753] FAULT_INJECTION: forcing a failure.
[  249.933677][T10753] name failslab, interval 1, probability 0, space 0, times 0
[  249.939982][T10741]  ? rw_verify_area+0x118/0x360
[  249.940002][T10741]  do_splice_direct+0x1da/0x2a0
[  249.940019][T10741]  ? splice_direct_to_actor+0x970/0x970
[  249.940052][T10741]  ? rw_verify_area+0x118/0x360
[  250.021040][T10741]  do_sendfile+0x597/0xd00
[  250.025481][T10741]  ? do_compat_pwritev64+0x1c0/0x1c0
[  250.030778][T10741]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  250.037018][T10741]  ? _copy_from_user+0xdd/0x150
[  250.041889][T10741]  __x64_sys_sendfile64+0x15a/0x220
[  250.047095][T10741]  ? __ia32_sys_sendfile+0x230/0x230
[  250.052402][T10741]  ? do_syscall_64+0x26/0x610
[  250.057174][T10741]  ? lockdep_hardirqs_on+0x418/0x5d0
[  250.062462][T10741]  ? trace_hardirqs_on+0x67/0x230
[  250.067503][T10741]  do_syscall_64+0x103/0x610
[  250.072105][T10741]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.077996][T10741] RIP: 0033:0x457f29
[  250.081911][T10741] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  250.101523][T10741] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:25:03 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c, 0x2)

18:25:03 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:03 executing program 4 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:03 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2, 0x2)

[  250.110142][T10741] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  250.118117][T10741] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  250.126096][T10741] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  250.134076][T10741] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  250.142064][T10741] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  250.150156][T10753] CPU: 1 PID: 10753 Comm: syz-executor.4 Not tainted 5.0.0-next-20190306 #4
18:25:03 executing program 0 (fault-call:5 fault-nth:5):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  250.158840][T10753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.168981][T10753] Call Trace:
[  250.172305][T10753]  dump_stack+0x172/0x1f0
[  250.176833][T10753]  should_fail.cold+0xa/0x15
[  250.181427][T10753]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  250.187335][T10753]  ? ___might_sleep+0x163/0x280
[  250.192196][T10753]  __should_failslab+0x121/0x190
[  250.197140][T10753]  should_failslab+0x9/0x14
[  250.201663][T10753]  kmem_cache_alloc_trace+0x2d1/0x760
[  250.207061][T10753]  ? kasan_check_read+0x11/0x20
[  250.212128][T10753]  alloc_pipe_info+0xb9/0x430
[  250.216829][T10753]  splice_direct_to_actor+0x775/0x970
[  250.222206][T10753]  ? common_file_perm+0x238/0x720
[  250.227434][T10753]  ? generic_pipe_buf_nosteal+0x10/0x10
[  250.232982][T10753]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  250.232999][T10753]  ? do_splice_to+0x190/0x190
[  250.233019][T10753]  ? rw_verify_area+0x118/0x360
[  250.233047][T10753]  do_splice_direct+0x1da/0x2a0
[  250.253625][T10753]  ? splice_direct_to_actor+0x970/0x970
[  250.253654][T10753]  ? rw_verify_area+0x118/0x360
[  250.253674][T10753]  do_sendfile+0x597/0xd00
[  250.253700][T10753]  ? do_compat_pwritev64+0x1c0/0x1c0
[  250.253717][T10753]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  250.253736][T10753]  ? fput+0x1b/0x20
[  250.280407][T10753]  __x64_sys_sendfile64+0x1dd/0x220
[  250.280424][T10753]  ? __ia32_sys_sendfile+0x230/0x230
[  250.280441][T10753]  ? do_syscall_64+0x26/0x610
[  250.280457][T10753]  ? lockdep_hardirqs_on+0x418/0x5d0
[  250.280475][T10753]  ? trace_hardirqs_on+0x67/0x230
[  250.280491][T10753]  do_syscall_64+0x103/0x610
[  250.280510][T10753]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.280521][T10753] RIP: 0033:0x457f29
[  250.280535][T10753] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  250.280543][T10753] RSP: 002b:00007f7ce6e0fc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  250.280557][T10753] RAX: ffffffffffffffda RBX: 00007f7ce6e0fc90 RCX: 0000000000457f29
18:25:03 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

[  250.280565][T10753] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  250.280581][T10753] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  250.289578][T10753] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f7ce6e106d4
[  250.289587][T10753] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  250.291494][T10764] FAULT_INJECTION: forcing a failure.
[  250.291494][T10764] name failslab, interval 1, probability 0, space 0, times 0
[  250.418370][T10764] CPU: 1 PID: 10764 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  250.427548][T10764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.437612][T10764] Call Trace:
[  250.440926][T10764]  dump_stack+0x172/0x1f0
[  250.445282][T10764]  should_fail.cold+0xa/0x15
[  250.449890][T10764]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  250.455727][T10764]  ? ___might_sleep+0x163/0x280
[  250.455748][T10764]  __should_failslab+0x121/0x190
18:25:03 executing program 4 (fault-call:5 fault-nth:1):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  250.455767][T10764]  should_failslab+0x9/0x14
[  250.455791][T10764]  kmem_cache_alloc_node_trace+0x270/0x720
[  250.455818][T10764]  __kmalloc_node_track_caller+0x3d/0x70
[  250.455841][T10764]  __kmalloc_reserve.isra.0+0x40/0xf0
[  250.486914][T10764]  __alloc_skb+0x10b/0x5e0
[  250.491347][T10764]  ? skb_trim+0x190/0x190
[  250.495682][T10764]  ? vhci_write+0x2b3/0x470
[  250.500192][T10764]  ? rcu_read_lock_sched_held+0x110/0x130
[  250.500210][T10764]  ? kmem_cache_free+0x225/0x260
[  250.500232][T10764]  __vhci_create_device+0x88/0x5a0
[  250.500249][T10764]  vhci_write+0x2d0/0x470
[  250.500269][T10764]  new_sync_write+0x4c7/0x760
[  250.500287][T10764]  ? default_llseek+0x2e0/0x2e0
[  250.500306][T10764]  ? copy_page_to_iter+0x4e7/0xd60
[  250.500326][T10764]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  250.500341][T10764]  ? put_page+0xce/0x130
[  250.500368][T10764]  __vfs_write+0xe4/0x110
[  250.500387][T10764]  __kernel_write+0x110/0x3b0
[  250.500407][T10764]  write_pipe_buf+0x15d/0x1f0
[  250.520497][T10764]  ? aa_file_perm+0x432/0xeb0
[  250.520515][T10764]  ? do_splice_direct+0x2a0/0x2a0
[  250.520533][T10764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  250.520548][T10764]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  250.520564][T10764]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  250.520581][T10764]  __splice_from_pipe+0x395/0x7d0
[  250.520594][T10764]  ? do_splice_direct+0x2a0/0x2a0
[  250.520614][T10764]  ? do_splice_direct+0x2a0/0x2a0
[  250.520628][T10764]  splice_from_pipe+0x108/0x170
[  250.520644][T10764]  ? splice_shrink_spd+0xd0/0xd0
[  250.520673][T10764]  default_file_splice_write+0x3c/0x90
[  250.520693][T10764]  ? generic_splice_sendpage+0x50/0x50
[  250.624128][T10764]  direct_splice_actor+0x126/0x1a0
[  250.629253][T10764]  splice_direct_to_actor+0x369/0x970
[  250.634819][T10764]  ? generic_pipe_buf_nosteal+0x10/0x10
[  250.640386][T10764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  250.646629][T10764]  ? do_splice_to+0x190/0x190
[  250.651306][T10764]  ? rw_verify_area+0x118/0x360
[  250.656163][T10764]  do_splice_direct+0x1da/0x2a0
[  250.661037][T10764]  ? splice_direct_to_actor+0x970/0x970
[  250.664152][T10774] FAULT_INJECTION: forcing a failure.
[  250.664152][T10774] name failslab, interval 1, probability 0, space 0, times 0
[  250.666853][T10764]  ? rw_verify_area+0x118/0x360
[  250.666875][T10764]  do_sendfile+0x597/0xd00
[  250.688766][T10764]  ? do_compat_pwritev64+0x1c0/0x1c0
[  250.694086][T10764]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  250.700336][T10764]  ? _copy_from_user+0xdd/0x150
[  250.705199][T10764]  __x64_sys_sendfile64+0x15a/0x220
[  250.710409][T10764]  ? __ia32_sys_sendfile+0x230/0x230
[  250.715705][T10764]  ? do_syscall_64+0x26/0x610
[  250.720400][T10764]  ? lockdep_hardirqs_on+0x418/0x5d0
[  250.725791][T10764]  ? trace_hardirqs_on+0x67/0x230
[  250.730832][T10764]  do_syscall_64+0x103/0x610
[  250.735911][T10764]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.741811][T10764] RIP: 0033:0x457f29
[  250.745719][T10764] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  250.765333][T10764] RSP: 002b:00007f45b2815c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  250.773752][T10764] RAX: ffffffffffffffda RBX: 00007f45b2815c90 RCX: 0000000000457f29
[  250.781820][T10764] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  250.789804][T10764] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  250.797781][T10764] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28166d4
[  250.805762][T10764] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  250.813885][T10774] CPU: 0 PID: 10774 Comm: syz-executor.4 Not tainted 5.0.0-next-20190306 #4
[  250.822582][T10774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  250.832647][T10774] Call Trace:
[  250.835951][T10774]  dump_stack+0x172/0x1f0
[  250.840309][T10774]  should_fail.cold+0xa/0x15
[  250.844888][T10774]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  250.850677][T10774]  ? ___might_sleep+0x163/0x280
[  250.855521][T10774]  __should_failslab+0x121/0x190
[  250.860445][T10774]  should_failslab+0x9/0x14
[  250.864937][T10774]  __kmalloc+0x2dc/0x740
[  250.869162][T10774]  ? kmem_cache_alloc_trace+0x354/0x760
[  250.874689][T10774]  ? kasan_check_read+0x11/0x20
[  250.879532][T10774]  ? alloc_pipe_info+0x199/0x430
[  250.884457][T10774]  alloc_pipe_info+0x199/0x430
[  250.889223][T10774]  splice_direct_to_actor+0x775/0x970
[  250.894577][T10774]  ? common_file_perm+0x238/0x720
[  250.899598][T10774]  ? generic_pipe_buf_nosteal+0x10/0x10
[  250.905155][T10774]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  250.911480][T10774]  ? do_splice_to+0x190/0x190
[  250.916142][T10774]  ? rw_verify_area+0x118/0x360
[  250.920984][T10774]  do_splice_direct+0x1da/0x2a0
[  250.925911][T10774]  ? splice_direct_to_actor+0x970/0x970
[  250.931446][T10774]  ? rw_verify_area+0x118/0x360
[  250.936311][T10774]  do_sendfile+0x597/0xd00
[  250.940747][T10774]  ? do_compat_pwritev64+0x1c0/0x1c0
[  250.946037][T10774]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  250.952265][T10774]  ? fput+0x1b/0x20
[  250.956060][T10774]  __x64_sys_sendfile64+0x1dd/0x220
[  250.961245][T10774]  ? __ia32_sys_sendfile+0x230/0x230
[  250.966534][T10774]  ? do_syscall_64+0x26/0x610
[  250.971199][T10774]  ? lockdep_hardirqs_on+0x418/0x5d0
[  250.976663][T10774]  ? trace_hardirqs_on+0x67/0x230
[  250.981679][T10774]  do_syscall_64+0x103/0x610
[  250.986260][T10774]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  250.992156][T10774] RIP: 0033:0x457f29
[  250.996121][T10774] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:04 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:04 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3, 0x2)

[  251.015983][T10774] RSP: 002b:00007f7ce6deec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  251.024382][T10774] RAX: ffffffffffffffda RBX: 00007f7ce6deec90 RCX: 0000000000457f29
[  251.032343][T10774] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[  251.040323][T10774] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  251.048279][T10774] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f7ce6def6d4
[  251.056242][T10774] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:04 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x60, 0x2)

18:25:04 executing program 0 (fault-call:5 fault-nth:6):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:04 executing program 4 (fault-call:5 fault-nth:2):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:04 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4, 0x2)

[  251.260828][T10789] FAULT_INJECTION: forcing a failure.
[  251.260828][T10789] name failslab, interval 1, probability 0, space 0, times 0
[  251.283604][T10789] CPU: 1 PID: 10789 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  251.292315][T10789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.292330][T10789] Call Trace:
[  251.305881][T10789]  dump_stack+0x172/0x1f0
[  251.310590][T10789]  should_fail.cold+0xa/0x15
[  251.315197][T10789]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  251.321017][T10789]  ? ___might_sleep+0x163/0x280
[  251.325887][T10789]  __should_failslab+0x121/0x190
[  251.325906][T10789]  should_failslab+0x9/0x14
[  251.325931][T10789]  kmem_cache_alloc_trace+0x2d1/0x760
[  251.341136][T10789]  ? skb_trim+0x190/0x190
[  251.345657][T10789]  ? vhci_write+0x2b3/0x470
[  251.350172][T10789]  ? rcu_read_lock_sched_held+0x110/0x130
[  251.356020][T10789]  hci_alloc_dev+0x43/0x1d00
[  251.360649][T10789]  __vhci_create_device+0x101/0x5a0
[  251.365855][T10789]  vhci_write+0x2d0/0x470
[  251.370198][T10789]  new_sync_write+0x4c7/0x760
[  251.374898][T10789]  ? default_llseek+0x2e0/0x2e0
[  251.379763][T10789]  ? copy_page_to_iter+0x4e7/0xd60
[  251.385382][T10789]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  251.385397][T10789]  ? put_page+0xce/0x130
[  251.385424][T10789]  __vfs_write+0xe4/0x110
[  251.385445][T10789]  __kernel_write+0x110/0x3b0
[  251.406434][T10789]  write_pipe_buf+0x15d/0x1f0
18:25:04 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:04 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000008c0)={{0x9, 0x5, 0x1000, 0x0, 'syz0\x00', 0xff}, 0x0, [0x11a6eca2, 0x1, 0x101, 0x3f, 0x2, 0x50, 0x4, 0x6, 0x3ff, 0x6, 0x69, 0xfff, 0x9, 0x6a, 0xfffffffffffffffa, 0x1, 0x6, 0x40, 0x1, 0x3, 0x10001, 0x2, 0x2, 0x6, 0x0, 0x0, 0x5, 0x2, 0x5, 0x3ff, 0xe27, 0x1, 0x8, 0x6, 0x2, 0x100000001, 0x0, 0x0, 0x3, 0x0, 0x3f, 0x588, 0x0, 0x20000000, 0x6, 0x9, 0x1000, 0x6, 0x400, 0x0, 0x1aed, 0x3, 0x6, 0x8, 0x401, 0x6, 0x7, 0x6, 0x1, 0x1, 0x40, 0x1000000, 0x5, 0x2be881db, 0x0, 0x69, 0x7, 0x9, 0x80000001, 0x965, 0x1, 0x800, 0x7b1, 0x9, 0x8, 0x0, 0x10001, 0x0, 0x0, 0x7, 0x5, 0x4, 0x600000, 0x9, 0xff, 0x0, 0x1ff, 0xfffffffffffffffc, 0x0, 0x8, 0x8, 0x5, 0x9, 0x0, 0x9, 0xf901, 0x10000, 0x7fffffff, 0x7fff, 0x40, 0x1, 0x91c, 0xc1f, 0x6, 0x0, 0xffffffff, 0x8, 0x1, 0x0, 0xfc, 0x4, 0x3, 0x0, 0x7, 0x7, 0x7f, 0x6, 0x100000001, 0x6, 0x1, 0x1, 0x1000, 0x5, 0x6, 0x10001, 0xffffffff, 0x9, 0x80], {0x0, 0x1c9c380}})
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(0xffffffffffffffff, 0x40045201, &(0x7f0000000280)=0x1f)

[  251.411151][T10789]  ? aa_file_perm+0x432/0xeb0
[  251.415938][T10789]  ? do_splice_direct+0x2a0/0x2a0
[  251.420989][T10789]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  251.427247][T10789]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  251.427265][T10789]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  251.427291][T10789]  __splice_from_pipe+0x395/0x7d0
[  251.446091][T10789]  ? do_splice_direct+0x2a0/0x2a0
[  251.451301][T10789]  ? do_splice_direct+0x2a0/0x2a0
[  251.456361][T10789]  splice_from_pipe+0x108/0x170
[  251.456381][T10789]  ? splice_shrink_spd+0xd0/0xd0
[  251.456408][T10789]  default_file_splice_write+0x3c/0x90
[  251.471991][T10789]  ? generic_splice_sendpage+0x50/0x50
[  251.477517][T10789]  direct_splice_actor+0x126/0x1a0
[  251.483130][T10789]  splice_direct_to_actor+0x369/0x970
[  251.488519][T10789]  ? generic_pipe_buf_nosteal+0x10/0x10
[  251.494798][T10789]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  251.501067][T10789]  ? do_splice_to+0x190/0x190
[  251.505760][T10789]  ? rw_verify_area+0x118/0x360
[  251.510629][T10789]  do_splice_direct+0x1da/0x2a0
[  251.510648][T10789]  ? splice_direct_to_actor+0x970/0x970
[  251.510674][T10789]  ? rw_verify_area+0x118/0x360
[  251.510700][T10789]  do_sendfile+0x597/0xd00
[  251.530556][T10789]  ? do_compat_pwritev64+0x1c0/0x1c0
[  251.530580][T10789]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  251.530592][T10789]  ? _copy_from_user+0xdd/0x150
[  251.530609][T10789]  __x64_sys_sendfile64+0x15a/0x220
[  251.530624][T10789]  ? __ia32_sys_sendfile+0x230/0x230
18:25:04 executing program 0 (fault-call:5 fault-nth:7):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:04 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  251.530639][T10789]  ? do_syscall_64+0x26/0x610
[  251.530653][T10789]  ? lockdep_hardirqs_on+0x418/0x5d0
[  251.530669][T10789]  ? trace_hardirqs_on+0x67/0x230
[  251.530685][T10789]  do_syscall_64+0x103/0x610
[  251.530704][T10789]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.530715][T10789] RIP: 0033:0x457f29
[  251.530729][T10789] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  251.530736][T10789] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  251.530749][T10789] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  251.530757][T10789] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  251.530764][T10789] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  251.530772][T10789] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  251.530780][T10789] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:05 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  251.706586][T10809] FAULT_INJECTION: forcing a failure.
[  251.706586][T10809] name failslab, interval 1, probability 0, space 0, times 0
[  251.727322][T10809] CPU: 0 PID: 10809 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  251.736035][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  251.746113][T10809] Call Trace:
[  251.746142][T10809]  dump_stack+0x172/0x1f0
[  251.746164][T10809]  should_fail.cold+0xa/0x15
[  251.746184][T10809]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  251.746210][T10809]  ? ___might_sleep+0x163/0x280
[  251.769918][T10809]  __should_failslab+0x121/0x190
[  251.774882][T10809]  should_failslab+0x9/0x14
[  251.779487][T10809]  __kmalloc+0x2dc/0x740
[  251.783747][T10809]  ? alloc_workqueue+0x13c/0xe70
[  251.788721][T10809]  alloc_workqueue+0x13c/0xe70
[  251.793503][T10809]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  251.799324][T10809]  ? scnprintf+0x140/0x140
[  251.799348][T10809]  ? __init_waitqueue_head+0x36/0x90
[  251.799372][T10809]  hci_register_dev+0x1b8/0x860
[  251.799387][T10809]  ? hci_init_sysfs+0x7c/0xa0
[  251.799409][T10809]  __vhci_create_device+0x2d0/0x5a0
[  251.799429][T10809]  vhci_write+0x2d0/0x470
[  251.809142][T10809]  new_sync_write+0x4c7/0x760
[  251.809162][T10809]  ? default_llseek+0x2e0/0x2e0
[  251.809181][T10809]  ? copy_page_to_iter+0x4e7/0xd60
[  251.809201][T10809]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  251.809215][T10809]  ? put_page+0xce/0x130
[  251.809241][T10809]  __vfs_write+0xe4/0x110
[  251.809261][T10809]  __kernel_write+0x110/0x3b0
[  251.858172][T10809]  write_pipe_buf+0x15d/0x1f0
[  251.858191][T10809]  ? aa_file_perm+0x432/0xeb0
[  251.858211][T10809]  ? do_splice_direct+0x2a0/0x2a0
[  251.872321][T10809]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  251.872340][T10809]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  251.872354][T10809]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  251.872370][T10809]  __splice_from_pipe+0x395/0x7d0
[  251.872384][T10809]  ? do_splice_direct+0x2a0/0x2a0
18:25:05 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x0)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:05 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5, 0x2)

18:25:05 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x68, 0x2)

[  251.872402][T10809]  ? do_splice_direct+0x2a0/0x2a0
[  251.872416][T10809]  splice_from_pipe+0x108/0x170
[  251.872433][T10809]  ? splice_shrink_spd+0xd0/0xd0
[  251.872460][T10809]  default_file_splice_write+0x3c/0x90
[  251.872479][T10809]  ? generic_splice_sendpage+0x50/0x50
[  251.883862][T10809]  direct_splice_actor+0x126/0x1a0
[  251.883882][T10809]  splice_direct_to_actor+0x369/0x970
[  251.883899][T10809]  ? generic_pipe_buf_nosteal+0x10/0x10
[  251.883919][T10809]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  251.883932][T10809]  ? do_splice_to+0x190/0x190
[  251.883952][T10809]  ? rw_verify_area+0x118/0x360
[  251.883972][T10809]  do_splice_direct+0x1da/0x2a0
[  251.896283][T10809]  ? splice_direct_to_actor+0x970/0x970
[  251.896318][T10809]  ? rw_verify_area+0x118/0x360
[  251.896337][T10809]  do_sendfile+0x597/0xd00
[  251.896360][T10809]  ? do_compat_pwritev64+0x1c0/0x1c0
[  251.896380][T10809]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  251.896392][T10809]  ? _copy_from_user+0xdd/0x150
[  251.896409][T10809]  __x64_sys_sendfile64+0x15a/0x220
[  251.896423][T10809]  ? __ia32_sys_sendfile+0x230/0x230
[  251.896437][T10809]  ? do_syscall_64+0x26/0x610
[  251.896452][T10809]  ? lockdep_hardirqs_on+0x418/0x5d0
[  251.896476][T10809]  ? trace_hardirqs_on+0x67/0x230
[  251.911625][T10809]  do_syscall_64+0x103/0x610
[  251.911648][T10809]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  251.911660][T10809] RIP: 0033:0x457f29
[  251.911675][T10809] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  251.911681][T10809] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  251.911694][T10809] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  251.911702][T10809] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  251.911709][T10809] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  251.911717][T10809] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
18:25:05 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce"], 0x1a)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:05 executing program 0 (fault-call:5 fault-nth:8):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  251.911725][T10809] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  251.919656][T10809] Bluetooth: Can't register HCI device
18:25:05 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6, 0x2)

18:25:05 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c, 0x2)

18:25:05 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x3)

[  252.268776][T10832] FAULT_INJECTION: forcing a failure.
[  252.268776][T10832] name failslab, interval 1, probability 0, space 0, times 0
[  252.292749][T10832] CPU: 0 PID: 10832 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  252.301545][T10832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  252.311612][T10832] Call Trace:
[  252.314925][T10832]  dump_stack+0x172/0x1f0
[  252.319280][T10832]  should_fail.cold+0xa/0x15
[  252.323988][T10832]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  252.332340][T10832]  ? ___might_sleep+0x163/0x280
[  252.337210][T10832]  __should_failslab+0x121/0x190
[  252.342164][T10832]  should_failslab+0x9/0x14
[  252.346682][T10832]  __kmalloc+0x2dc/0x740
[  252.350983][T10832]  ? alloc_workqueue+0x13c/0xe70
[  252.355969][T10832]  alloc_workqueue+0x13c/0xe70
[  252.360753][T10832]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  252.366476][T10832]  ? scnprintf+0x140/0x140
[  252.370913][T10832]  ? __init_waitqueue_head+0x36/0x90
[  252.376215][T10832]  hci_register_dev+0x1b8/0x860
[  252.381076][T10832]  ? hci_init_sysfs+0x7c/0xa0
[  252.385748][T10832]  __vhci_create_device+0x2d0/0x5a0
[  252.390933][T10832]  vhci_write+0x2d0/0x470
[  252.395253][T10832]  new_sync_write+0x4c7/0x760
[  252.402874][T10832]  ? default_llseek+0x2e0/0x2e0
[  252.407890][T10832]  ? copy_page_to_iter+0x4e7/0xd60
[  252.412990][T10832]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  252.419247][T10832]  ? put_page+0xce/0x130
[  252.423486][T10832]  __vfs_write+0xe4/0x110
[  252.427813][T10832]  __kernel_write+0x110/0x3b0
[  252.432477][T10832]  write_pipe_buf+0x15d/0x1f0
[  252.437140][T10832]  ? aa_file_perm+0x432/0xeb0
[  252.441906][T10832]  ? do_splice_direct+0x2a0/0x2a0
[  252.446924][T10832]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  252.453784][T10832]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  252.463336][T10832]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  252.469569][T10832]  __splice_from_pipe+0x395/0x7d0
[  252.474575][T10832]  ? do_splice_direct+0x2a0/0x2a0
[  252.479587][T10832]  ? do_splice_direct+0x2a0/0x2a0
[  252.484609][T10832]  splice_from_pipe+0x108/0x170
[  252.489452][T10832]  ? splice_shrink_spd+0xd0/0xd0
[  252.494376][T10832]  default_file_splice_write+0x3c/0x90
[  252.499816][T10832]  ? generic_splice_sendpage+0x50/0x50
[  252.505262][T10832]  direct_splice_actor+0x126/0x1a0
[  252.510815][T10832]  splice_direct_to_actor+0x369/0x970
[  252.516184][T10832]  ? generic_pipe_buf_nosteal+0x10/0x10
[  252.521813][T10832]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  252.528054][T10832]  ? do_splice_to+0x190/0x190
[  252.532733][T10832]  ? rw_verify_area+0x118/0x360
[  252.537583][T10832]  do_splice_direct+0x1da/0x2a0
[  252.542416][T10832]  ? splice_direct_to_actor+0x970/0x970
[  252.547952][T10832]  ? rw_verify_area+0x118/0x360
[  252.552795][T10832]  do_sendfile+0x597/0xd00
[  252.557200][T10832]  ? do_compat_pwritev64+0x1c0/0x1c0
[  252.562999][T10832]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  252.569328][T10832]  ? _copy_from_user+0xdd/0x150
[  252.574188][T10832]  __x64_sys_sendfile64+0x15a/0x220
[  252.579401][T10832]  ? __ia32_sys_sendfile+0x230/0x230
[  252.584675][T10832]  ? do_syscall_64+0x26/0x610
[  252.589352][T10832]  ? lockdep_hardirqs_on+0x418/0x5d0
[  252.594625][T10832]  ? trace_hardirqs_on+0x67/0x230
[  252.600769][T10832]  do_syscall_64+0x103/0x610
[  252.605359][T10832]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  252.611240][T10832] RIP: 0033:0x457f29
[  252.615377][T10832] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  252.635059][T10832] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  252.643551][T10832] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  252.652129][T10832] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  252.662372][T10832] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:06 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
open(0x0, 0x8000, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

[  252.670420][T10832] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  252.682106][T10832] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:06 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x8)

18:25:06 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7, 0x2)

18:25:06 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x74, 0x2)

18:25:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  252.719151][T10832] Bluetooth: Can't register HCI device
18:25:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:06 executing program 0 (fault-call:5 fault-nth:9):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:06 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:06 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x8, 0x2)

18:25:06 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x9)

18:25:06 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a, 0x2)

[  252.932739][T10869] FAULT_INJECTION: forcing a failure.
[  252.932739][T10869] name failslab, interval 1, probability 0, space 0, times 0
18:25:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  253.006489][T10869] CPU: 1 PID: 10869 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  253.015232][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  253.025299][T10869] Call Trace:
[  253.028611][T10869]  dump_stack+0x172/0x1f0
[  253.032961][T10869]  should_fail.cold+0xa/0x15
[  253.037669][T10869]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  253.043996][T10869]  ? ___might_sleep+0x163/0x280
[  253.048874][T10869]  __should_failslab+0x121/0x190
[  253.053837][T10869]  should_failslab+0x9/0x14
[  253.058360][T10869]  kmem_cache_alloc_trace+0x2d1/0x760
[  253.063749][T10869]  ? rcu_read_lock_sched_held+0x110/0x130
[  253.069579][T10869]  ? __kmalloc+0x5d5/0x740
[  253.069603][T10869]  alloc_workqueue_attrs+0x82/0x120
[  253.069620][T10869]  alloc_workqueue+0x166/0xe70
[  253.069641][T10869]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  253.069656][T10869]  ? scnprintf+0x140/0x140
[  253.069676][T10869]  ? __init_waitqueue_head+0x36/0x90
[  253.069698][T10869]  hci_register_dev+0x1b8/0x860
[  253.079412][T10869]  ? hci_init_sysfs+0x7c/0xa0
[  253.079436][T10869]  __vhci_create_device+0x2d0/0x5a0
[  253.079454][T10869]  vhci_write+0x2d0/0x470
[  253.079475][T10869]  new_sync_write+0x4c7/0x760
[  253.079494][T10869]  ? default_llseek+0x2e0/0x2e0
[  253.079512][T10869]  ? copy_page_to_iter+0x4e7/0xd60
[  253.079531][T10869]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  253.079544][T10869]  ? put_page+0xce/0x130
[  253.079569][T10869]  __vfs_write+0xe4/0x110
[  253.079586][T10869]  __kernel_write+0x110/0x3b0
[  253.079606][T10869]  write_pipe_buf+0x15d/0x1f0
[  253.079627][T10869]  ? aa_file_perm+0x432/0xeb0
[  253.123627][T10869]  ? do_splice_direct+0x2a0/0x2a0
[  253.123647][T10869]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.123662][T10869]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  253.123677][T10869]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  253.123697][T10869]  __splice_from_pipe+0x395/0x7d0
[  253.123711][T10869]  ? do_splice_direct+0x2a0/0x2a0
[  253.123731][T10869]  ? do_splice_direct+0x2a0/0x2a0
[  253.133688][T10869]  splice_from_pipe+0x108/0x170
[  253.133706][T10869]  ? splice_shrink_spd+0xd0/0xd0
[  253.133732][T10869]  default_file_splice_write+0x3c/0x90
[  253.133745][T10869]  ? generic_splice_sendpage+0x50/0x50
[  253.133761][T10869]  direct_splice_actor+0x126/0x1a0
[  253.133780][T10869]  splice_direct_to_actor+0x369/0x970
[  253.133805][T10869]  ? generic_pipe_buf_nosteal+0x10/0x10
[  253.133825][T10869]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.133837][T10869]  ? do_splice_to+0x190/0x190
[  253.133855][T10869]  ? rw_verify_area+0x118/0x360
[  253.133872][T10869]  do_splice_direct+0x1da/0x2a0
[  253.133891][T10869]  ? splice_direct_to_actor+0x970/0x970
[  253.144867][T10869]  ? rw_verify_area+0x118/0x360
[  253.144888][T10869]  do_sendfile+0x597/0xd00
[  253.144917][T10869]  ? do_compat_pwritev64+0x1c0/0x1c0
[  253.144940][T10869]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  253.144960][T10869]  ? _copy_from_user+0xdd/0x150
[  253.153946][T10869]  __x64_sys_sendfile64+0x15a/0x220
[  253.153963][T10869]  ? __ia32_sys_sendfile+0x230/0x230
[  253.153979][T10869]  ? do_syscall_64+0x26/0x610
[  253.153996][T10869]  ? lockdep_hardirqs_on+0x418/0x5d0
[  253.154014][T10869]  ? trace_hardirqs_on+0x67/0x230
[  253.154042][T10869]  do_syscall_64+0x103/0x610
[  253.154062][T10869]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.154080][T10869] RIP: 0033:0x457f29
[  253.168518][T10869] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  253.168526][T10869] RSP: 002b:00007f45b2815c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  253.168541][T10869] RAX: ffffffffffffffda RBX: 00007f45b2815c90 RCX: 0000000000457f29
[  253.168550][T10869] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  253.168559][T10869] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  253.168568][T10869] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28166d4
[  253.168577][T10869] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f91"], 0xe)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  253.172389][T10869] Bluetooth: Can't register HCI device
18:25:06 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x204, 0x2)

18:25:06 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x10)

18:25:06 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10, 0x2)

18:25:06 executing program 0 (fault-call:5 fault-nth:10):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:06 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x35)

18:25:06 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  253.698921][T10909] FAULT_INJECTION: forcing a failure.
[  253.698921][T10909] name failslab, interval 1, probability 0, space 0, times 0
[  253.732158][T10909] CPU: 0 PID: 10909 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  253.741135][T10909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  253.741142][T10909] Call Trace:
[  253.741167][T10909]  dump_stack+0x172/0x1f0
[  253.741188][T10909]  should_fail.cold+0xa/0x15
[  253.741206][T10909]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  253.741225][T10909]  ? ___might_sleep+0x163/0x280
[  253.741242][T10909]  __should_failslab+0x121/0x190
[  253.741258][T10909]  should_failslab+0x9/0x14
[  253.741271][T10909]  __kmalloc+0x2dc/0x740
[  253.741300][T10909]  ? apply_wqattrs_prepare+0xae/0x970
[  253.741320][T10909]  apply_wqattrs_prepare+0xae/0x970
[  253.741346][T10909]  apply_workqueue_attrs_locked+0xcb/0x140
[  253.741363][T10909]  apply_workqueue_attrs+0x31/0x50
[  253.741380][T10909]  alloc_workqueue+0x84c/0xe70
[  253.741403][T10909]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  253.741425][T10909]  ? __init_waitqueue_head+0x36/0x90
[  253.825460][T10909]  hci_register_dev+0x1b8/0x860
[  253.825478][T10909]  ? hci_init_sysfs+0x7c/0xa0
[  253.825501][T10909]  __vhci_create_device+0x2d0/0x5a0
[  253.835035][T10909]  vhci_write+0x2d0/0x470
[  253.835059][T10909]  new_sync_write+0x4c7/0x760
[  253.835078][T10909]  ? default_llseek+0x2e0/0x2e0
[  253.854335][T10909]  ? copy_page_to_iter+0x4e7/0xd60
[  253.859457][T10909]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  253.865985][T10909]  ? put_page+0xce/0x130
[  253.870239][T10909]  __vfs_write+0xe4/0x110
[  253.874564][T10909]  __kernel_write+0x110/0x3b0
[  253.879405][T10909]  write_pipe_buf+0x15d/0x1f0
[  253.884171][T10909]  ? aa_file_perm+0x432/0xeb0
[  253.888854][T10909]  ? do_splice_direct+0x2a0/0x2a0
[  253.893893][T10909]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.900784][T10909]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  253.906868][T10909]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  253.913205][T10909]  __splice_from_pipe+0x395/0x7d0
[  253.918398][T10909]  ? do_splice_direct+0x2a0/0x2a0
[  253.923884][T10909]  ? do_splice_direct+0x2a0/0x2a0
[  253.928915][T10909]  splice_from_pipe+0x108/0x170
[  253.933788][T10909]  ? splice_shrink_spd+0xd0/0xd0
[  253.938907][T10909]  default_file_splice_write+0x3c/0x90
[  253.944381][T10909]  ? generic_splice_sendpage+0x50/0x50
[  253.949848][T10909]  direct_splice_actor+0x126/0x1a0
[  253.954950][T10909]  splice_direct_to_actor+0x369/0x970
[  253.960314][T10909]  ? generic_pipe_buf_nosteal+0x10/0x10
[  253.966183][T10909]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.972414][T10909]  ? do_splice_to+0x190/0x190
[  253.977081][T10909]  ? rw_verify_area+0x118/0x360
[  253.981919][T10909]  do_splice_direct+0x1da/0x2a0
[  253.986774][T10909]  ? splice_direct_to_actor+0x970/0x970
[  253.992317][T10909]  ? rw_verify_area+0x118/0x360
[  253.997153][T10909]  do_sendfile+0x597/0xd00
[  254.001559][T10909]  ? do_compat_pwritev64+0x1c0/0x1c0
[  254.007065][T10909]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  254.013378][T10909]  ? _copy_from_user+0xdd/0x150
[  254.018807][T10909]  __x64_sys_sendfile64+0x15a/0x220
[  254.023992][T10909]  ? __ia32_sys_sendfile+0x230/0x230
[  254.029279][T10909]  ? do_syscall_64+0x26/0x610
[  254.033989][T10909]  ? lockdep_hardirqs_on+0x418/0x5d0
[  254.039270][T10909]  ? trace_hardirqs_on+0x67/0x230
[  254.044313][T10909]  do_syscall_64+0x103/0x610
[  254.048899][T10909]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.054956][T10909] RIP: 0033:0x457f29
[  254.058833][T10909] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  254.078718][T10909] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  254.087134][T10909] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
18:25:07 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
unshare(0x10000000)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:07 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e, 0x2)

18:25:07 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x300, 0x2)

18:25:07 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x63)

[  254.095097][T10909] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  254.103081][T10909] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  254.111046][T10909] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  254.119004][T10909] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:07 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x370)

[  254.160019][T10909] Bluetooth: Can't register HCI device
18:25:07 executing program 0 (fault-call:5 fault-nth:11):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:07 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:07 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x402, 0x2)

18:25:07 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:07 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x48, 0x2)

[  254.384208][T10943] FAULT_INJECTION: forcing a failure.
[  254.384208][T10943] name failslab, interval 1, probability 0, space 0, times 0
[  254.415841][T10943] CPU: 1 PID: 10943 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  254.424556][T10943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:25:07 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  254.434623][T10943] Call Trace:
[  254.437928][T10943]  dump_stack+0x172/0x1f0
[  254.442287][T10943]  should_fail.cold+0xa/0x15
[  254.447086][T10943]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  254.452911][T10943]  ? ___might_sleep+0x163/0x280
[  254.457778][T10943]  __should_failslab+0x121/0x190
[  254.462738][T10943]  should_failslab+0x9/0x14
[  254.467244][T10943]  __kmalloc+0x2dc/0x740
[  254.471500][T10943]  ? apply_wqattrs_prepare+0xae/0x970
[  254.476886][T10943]  apply_wqattrs_prepare+0xae/0x970
[  254.482109][T10943]  apply_workqueue_attrs_locked+0xcb/0x140
[  254.487916][T10943]  apply_workqueue_attrs+0x31/0x50
[  254.493104][T10943]  alloc_workqueue+0x84c/0xe70
[  254.497951][T10943]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  254.503711][T10943]  ? __init_waitqueue_head+0x36/0x90
[  254.509202][T10943]  hci_register_dev+0x1b8/0x860
[  254.514082][T10943]  ? hci_init_sysfs+0x7c/0xa0
[  254.518782][T10943]  __vhci_create_device+0x2d0/0x5a0
[  254.523999][T10943]  vhci_write+0x2d0/0x470
[  254.528379][T10943]  new_sync_write+0x4c7/0x760
[  254.533078][T10943]  ? default_llseek+0x2e0/0x2e0
[  254.538062][T10943]  ? copy_page_to_iter+0x4e7/0xd60
[  254.543252][T10943]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  254.549473][T10943]  ? put_page+0xce/0x130
[  254.553707][T10943]  __vfs_write+0xe4/0x110
[  254.558041][T10943]  __kernel_write+0x110/0x3b0
[  254.562716][T10943]  write_pipe_buf+0x15d/0x1f0
[  254.567491][T10943]  ? aa_file_perm+0x432/0xeb0
[  254.572167][T10943]  ? do_splice_direct+0x2a0/0x2a0
[  254.577209][T10943]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  254.583448][T10943]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  254.589502][T10943]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  254.595835][T10943]  __splice_from_pipe+0x395/0x7d0
[  254.600854][T10943]  ? do_splice_direct+0x2a0/0x2a0
[  254.605869][T10943]  ? do_splice_direct+0x2a0/0x2a0
[  254.610984][T10943]  splice_from_pipe+0x108/0x170
[  254.615841][T10943]  ? splice_shrink_spd+0xd0/0xd0
[  254.620796][T10943]  default_file_splice_write+0x3c/0x90
[  254.626389][T10943]  ? generic_splice_sendpage+0x50/0x50
[  254.631850][T10943]  direct_splice_actor+0x126/0x1a0
[  254.636961][T10943]  splice_direct_to_actor+0x369/0x970
[  254.642353][T10943]  ? generic_pipe_buf_nosteal+0x10/0x10
[  254.647915][T10943]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  254.654163][T10943]  ? do_splice_to+0x190/0x190
[  254.658955][T10943]  ? rw_verify_area+0x118/0x360
[  254.663824][T10943]  do_splice_direct+0x1da/0x2a0
[  254.668669][T10943]  ? splice_direct_to_actor+0x970/0x970
[  254.674243][T10943]  ? rw_verify_area+0x118/0x360
[  254.679102][T10943]  do_sendfile+0x597/0xd00
[  254.683567][T10943]  ? do_compat_pwritev64+0x1c0/0x1c0
[  254.688867][T10943]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  254.695128][T10943]  ? _copy_from_user+0xdd/0x150
[  254.699990][T10943]  __x64_sys_sendfile64+0x15a/0x220
[  254.705201][T10943]  ? __ia32_sys_sendfile+0x230/0x230
[  254.710498][T10943]  ? do_syscall_64+0x26/0x610
[  254.715189][T10943]  ? lockdep_hardirqs_on+0x418/0x5d0
[  254.720493][T10943]  ? trace_hardirqs_on+0x67/0x230
[  254.725551][T10943]  do_syscall_64+0x103/0x610
[  254.730220][T10943]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  254.736096][T10943] RIP: 0033:0x457f29
[  254.739974][T10943] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  254.759854][T10943] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  254.768367][T10943] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  254.776737][T10943] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:08 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x372)

[  254.784745][T10943] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  254.792722][T10943] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  254.800726][T10943] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  254.812153][T10943] Bluetooth: Can't register HCI device
18:25:08 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x500, 0x2)

18:25:08 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c, 0x2)

18:25:08 executing program 0 (fault-call:5 fault-nth:12):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:08 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ff"], 0x1)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:08 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0xffffffff000)

18:25:08 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x10000, 0x0)
ioctl$VIDIOC_G_PARM(r1, 0xc0cc5615, &(0x7f0000000040)={0x1, @capture={0x1000, 0x1, {0x9, 0x8}, 0x9, 0x747a}})
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r2, 0x0, 0x2)

18:25:08 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

[  255.052366][T10975] FAULT_INJECTION: forcing a failure.
[  255.052366][T10975] name failslab, interval 1, probability 0, space 0, times 0
[  255.093656][T10975] CPU: 0 PID: 10975 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  255.102375][T10975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  255.102382][T10975] Call Trace:
[  255.102410][T10975]  dump_stack+0x172/0x1f0
[  255.102435][T10975]  should_fail.cold+0xa/0x15
[  255.102465][T10975]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  255.130511][T10975]  ? ___might_sleep+0x163/0x280
[  255.130531][T10975]  __should_failslab+0x121/0x190
[  255.130548][T10975]  should_failslab+0x9/0x14
[  255.130564][T10975]  kmem_cache_alloc_trace+0x2d1/0x760
[  255.130585][T10975]  ? rcu_read_lock_sched_held+0x110/0x130
[  255.155914][T10975]  ? __kmalloc+0x5d5/0x740
[  255.160352][T10975]  alloc_workqueue_attrs+0x82/0x120
[  255.165567][T10975]  apply_wqattrs_prepare+0xc8/0x970
[  255.170886][T10975]  apply_workqueue_attrs_locked+0xcb/0x140
[  255.176709][T10975]  apply_workqueue_attrs+0x31/0x50
[  255.181929][T10975]  alloc_workqueue+0x84c/0xe70
[  255.186712][T10975]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  255.192445][T10975]  ? __init_waitqueue_head+0x36/0x90
[  255.197754][T10975]  hci_register_dev+0x1b8/0x860
[  255.202633][T10975]  ? hci_init_sysfs+0x7c/0xa0
[  255.207334][T10975]  __vhci_create_device+0x2d0/0x5a0
[  255.212638][T10975]  vhci_write+0x2d0/0x470
[  255.216993][T10975]  new_sync_write+0x4c7/0x760
[  255.221718][T10975]  ? default_llseek+0x2e0/0x2e0
[  255.226697][T10975]  ? copy_page_to_iter+0x4e7/0xd60
[  255.231837][T10975]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  255.238092][T10975]  ? put_page+0xce/0x130
[  255.242364][T10975]  __vfs_write+0xe4/0x110
[  255.246868][T10975]  __kernel_write+0x110/0x3b0
[  255.251637][T10975]  write_pipe_buf+0x15d/0x1f0
[  255.256326][T10975]  ? aa_file_perm+0x432/0xeb0
[  255.262486][T10975]  ? do_splice_direct+0x2a0/0x2a0
[  255.262503][T10975]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  255.262516][T10975]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  255.262529][T10975]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  255.262547][T10975]  __splice_from_pipe+0x395/0x7d0
[  255.262566][T10975]  ? do_splice_direct+0x2a0/0x2a0
[  255.296239][T10975]  ? do_splice_direct+0x2a0/0x2a0
[  255.301279][T10975]  splice_from_pipe+0x108/0x170
[  255.306152][T10975]  ? splice_shrink_spd+0xd0/0xd0
[  255.311138][T10975]  default_file_splice_write+0x3c/0x90
[  255.316670][T10975]  ? generic_splice_sendpage+0x50/0x50
[  255.322153][T10975]  direct_splice_actor+0x126/0x1a0
[  255.327284][T10975]  splice_direct_to_actor+0x369/0x970
[  255.332707][T10975]  ? generic_pipe_buf_nosteal+0x10/0x10
[  255.338276][T10975]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  255.338300][T10975]  ? do_splice_to+0x190/0x190
[  255.338323][T10975]  ? rw_verify_area+0x118/0x360
[  255.354076][T10975]  do_splice_direct+0x1da/0x2a0
[  255.354096][T10975]  ? splice_direct_to_actor+0x970/0x970
[  255.354121][T10975]  ? rw_verify_area+0x118/0x360
[  255.354139][T10975]  do_sendfile+0x597/0xd00
[  255.354163][T10975]  ? do_compat_pwritev64+0x1c0/0x1c0
[  255.354185][T10975]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  255.354198][T10975]  ? _copy_from_user+0xdd/0x150
18:25:08 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x60, 0x2)

[  255.354215][T10975]  __x64_sys_sendfile64+0x15a/0x220
[  255.354234][T10975]  ? __ia32_sys_sendfile+0x230/0x230
[  255.401116][T10975]  ? do_syscall_64+0x26/0x610
[  255.401134][T10975]  ? lockdep_hardirqs_on+0x418/0x5d0
[  255.401158][T10975]  ? trace_hardirqs_on+0x67/0x230
[  255.416244][T10975]  do_syscall_64+0x103/0x610
[  255.416267][T10975]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  255.416285][T10975] RIP: 0033:0x457f29
[  255.430681][T10975] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  255.450303][T10975] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  255.458842][T10975] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  255.466832][T10975] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  255.474813][T10975] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  255.482799][T10975] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
18:25:08 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000740))
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:08 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

18:25:08 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x600, 0x2)

18:25:08 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x68, 0x2)

18:25:08 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhci\x00', 0xc0800)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="fa1e7d12a5666175642627d90e5bbfd98be1e34f11fb680415fb07b9a6f0b9eb0d4f426639d4c3f045fe35776382ee3db838a240916d4c8b2d202c4d45650e62f4aed291fa61a89b9c3a1e56840a62cc6cce2483925134252ffec56f8bafb4c7b87009da4f1320349dcc618fefc4dc1e89a4eaa6358c806465838ed6fbc2eedb8e310cd8305e7fcacf52930921d42ac22774a3f769471ca7030c2bf45a1849d831d06ade51e5096c081ad2eb667b6b0f4e1b9164b89bb42d9a494301d3a26ac77c0fc5d8a650b2b4cb4ba0ee6dbccb3891482917c4f373b2a983faac2153de18b7cb92b55755e36b8636f19fd373d861faf6ec4f9262dda9070ffddabe0c1f78080bda98777c20b3f29b5d1589b7849ee2e6c8909e1252834a105e84810dd16e0b8e5ff2a57e3ded72c69ecd83f8a3919c50a47cbeea9bf6e452d13e33def400b0b4fae02da219354a471b3f25b2d19b884ee340713bfd93e6c6c4cada330d66d7cb34adeaede6136cb7a273e281b4ab5e8d1a5b622e6ebf5b41e9861d59d4ca7686f46cbac2cd301bbe9d6c36f6f7cb18173e53a9e8439196cfa4003e23b5df2e3839d7e1f757827382671b9f15003a3cd9370f415c399cf782af887c1ccff51f6e674548e11c27cd0e03d67f389e5c6285a76584ddc5edc4c8d2a9add836e30a04b7bd90d609d7560e0bcbfa06265d8b8528c9987babd3df40af3b0d2be3a09815084db9a44d2ec351ec5ca3d5d5ab4f92073c9225b9dcc34ddcd923cfda08ed3efc456186097b904ebf7e5d82593fe55b163eeb31baac37b53bf457b7316951"], 0x2)
fcntl$addseals(r1, 0x409, 0x4)
sendfile(r0, r1, 0x0, 0x2)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000300)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x124}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=@getqdisc={0x2c, 0x26, 0x4, 0x70bd29, 0x25dfdbfb, {0x0, r2, {0x2, 0xfff7}, {0xffff, 0xfff6}, {0xf, 0x10}}, [{0x4}, {0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x805}, 0x4000)

[  255.482815][T10975] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:08 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(0xffffffffffffffff, r1, &(0x7f0000d83ff8), 0x2)

[  255.579101][T10975] Bluetooth: Can't register HCI device
18:25:08 executing program 0 (fault-call:5 fault-nth:13):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:08 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c, 0x2)

18:25:08 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x700, 0x2)

18:25:09 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x8)
close(r0)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/rtc0\x00', 0x4000, 0x0)
getsockopt$TIPC_NODE_RECVQ_DEPTH(r1, 0x10f, 0x83, &(0x7f0000001100), &(0x7f0000001140)=0x4)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="0000dc68b8c3e05fc3947fdebd00ae"], 0x2)
sendfile(r2, r2, 0x0, 0x2)
recvfrom$rose(r2, &(0x7f0000000080)=""/4096, 0x1000, 0x1, &(0x7f0000001080)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}, 0x40)
r3 = add_key(&(0x7f0000001240)='id_resolver\x00', &(0x7f0000001280)={'syz', 0x2}, &(0x7f00000012c0)="e050243644fbeae3249634425544c41a5a36eca95b598f09978dd76c26e05ddda3", 0x21, 0x0)
add_key$user(&(0x7f0000001180)='user\x00', &(0x7f00000011c0)={'syz', 0x1}, &(0x7f0000001200)="7d61c6885d9e10ce846a1045d0639b7e899344119e41cbd38179de35a5213e7c91a99d7d30aa35da9493", 0x2a, r3)
ioctl$DRM_IOCTL_RM_MAP(r2, 0x4028641b, &(0x7f0000000040)={&(0x7f0000ffe000/0x2000)=nil, 0x3b50, 0x3, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x855f})

18:25:09 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:09 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:25:09 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa00, 0x2)

[  255.811756][T11022] FAULT_INJECTION: forcing a failure.
[  255.811756][T11022] name failslab, interval 1, probability 0, space 0, times 0
[  255.876697][T11022] CPU: 1 PID: 11022 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  255.885604][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  255.895670][T11022] Call Trace:
[  255.898988][T11022]  dump_stack+0x172/0x1f0
[  255.903357][T11022]  should_fail.cold+0xa/0x15
[  255.907970][T11022]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  255.913796][T11022]  ? ___might_sleep+0x163/0x280
[  255.918661][T11022]  __should_failslab+0x121/0x190
[  255.923633][T11022]  should_failslab+0x9/0x14
[  255.928145][T11022]  kmem_cache_alloc_trace+0x2d1/0x760
[  255.933526][T11022]  ? rcu_read_lock_sched_held+0x110/0x130
[  255.939262][T11022]  alloc_workqueue_attrs+0x82/0x120
[  255.944475][T11022]  apply_wqattrs_prepare+0xc8/0x970
[  255.950449][T11022]  apply_workqueue_attrs_locked+0xcb/0x140
[  255.956366][T11022]  apply_workqueue_attrs+0x31/0x50
[  255.961497][T11022]  alloc_workqueue+0x84c/0xe70
[  255.966285][T11022]  ? workqueue_sysfs_register+0x3f0/0x3f0
18:25:09 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x74, 0x2)

[  255.972014][T11022]  ? __init_waitqueue_head+0x36/0x90
[  255.977406][T11022]  hci_register_dev+0x1b8/0x860
[  255.982253][T11022]  ? hci_init_sysfs+0x7c/0xa0
[  255.986937][T11022]  __vhci_create_device+0x2d0/0x5a0
[  255.992159][T11022]  vhci_write+0x2d0/0x470
[  255.996512][T11022]  new_sync_write+0x4c7/0x760
[  256.001285][T11022]  ? default_llseek+0x2e0/0x2e0
[  256.006150][T11022]  ? copy_page_to_iter+0x4e7/0xd60
[  256.011284][T11022]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  256.017705][T11022]  ? put_page+0xce/0x130
[  256.022052][T11022]  __vfs_write+0xe4/0x110
[  256.026380][T11022]  __kernel_write+0x110/0x3b0
[  256.031069][T11022]  write_pipe_buf+0x15d/0x1f0
[  256.035754][T11022]  ? aa_file_perm+0x432/0xeb0
[  256.040445][T11022]  ? do_splice_direct+0x2a0/0x2a0
[  256.045472][T11022]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  256.051709][T11022]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  256.057780][T11022]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  256.064045][T11022]  __splice_from_pipe+0x395/0x7d0
[  256.069554][T11022]  ? do_splice_direct+0x2a0/0x2a0
[  256.074595][T11022]  ? do_splice_direct+0x2a0/0x2a0
[  256.079630][T11022]  splice_from_pipe+0x108/0x170
[  256.084499][T11022]  ? splice_shrink_spd+0xd0/0xd0
[  256.089545][T11022]  default_file_splice_write+0x3c/0x90
[  256.095011][T11022]  ? generic_splice_sendpage+0x50/0x50
[  256.100476][T11022]  direct_splice_actor+0x126/0x1a0
[  256.105594][T11022]  splice_direct_to_actor+0x369/0x970
[  256.110967][T11022]  ? generic_pipe_buf_nosteal+0x10/0x10
[  256.116527][T11022]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  256.122773][T11022]  ? do_splice_to+0x190/0x190
[  256.127549][T11022]  ? rw_verify_area+0x118/0x360
[  256.132401][T11022]  do_splice_direct+0x1da/0x2a0
[  256.137253][T11022]  ? splice_direct_to_actor+0x970/0x970
[  256.143067][T11022]  ? rw_verify_area+0x118/0x360
[  256.147915][T11022]  do_sendfile+0x597/0xd00
[  256.152425][T11022]  ? do_compat_pwritev64+0x1c0/0x1c0
[  256.157700][T11022]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  256.163933][T11022]  ? _copy_from_user+0xdd/0x150
[  256.168981][T11022]  __x64_sys_sendfile64+0x15a/0x220
[  256.174362][T11022]  ? __ia32_sys_sendfile+0x230/0x230
[  256.179652][T11022]  ? do_syscall_64+0x26/0x610
[  256.184330][T11022]  ? lockdep_hardirqs_on+0x418/0x5d0
[  256.189619][T11022]  ? trace_hardirqs_on+0x67/0x230
[  256.194648][T11022]  do_syscall_64+0x103/0x610
[  256.199248][T11022]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.205141][T11022] RIP: 0033:0x457f29
[  256.209055][T11022] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  256.228696][T11022] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  256.237114][T11022] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  256.245164][T11022] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  256.253124][T11022] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  256.261228][T11022] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
18:25:09 executing program 0 (fault-call:5 fault-nth:14):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  256.273573][T11022] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  256.286838][T11022] Bluetooth: Can't register HCI device
18:25:09 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a, 0x2)

18:25:09 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
epoll_create(0x0)
sendfile(r0, r1, 0x0, 0x2)
ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f0000000000))

18:25:09 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

[  256.384179][T11053] FAULT_INJECTION: forcing a failure.
[  256.384179][T11053] name failslab, interval 1, probability 0, space 0, times 0
[  256.417468][T11053] CPU: 1 PID: 11053 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
18:25:09 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000, 0x2)

[  256.426200][T11053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  256.426207][T11053] Call Trace:
[  256.426233][T11053]  dump_stack+0x172/0x1f0
[  256.426257][T11053]  should_fail.cold+0xa/0x15
[  256.426277][T11053]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  256.426300][T11053]  ? ___might_sleep+0x163/0x280
[  256.426322][T11053]  __should_failslab+0x121/0x190
[  256.426342][T11053]  should_failslab+0x9/0x14
[  256.426357][T11053]  __kmalloc+0x2dc/0x740
[  256.426375][T11053]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  256.426393][T11053]  ? pwq_adjust_max_active+0x3b6/0x5c0
[  256.426411][T11053]  ? alloc_workqueue+0x13c/0xe70
[  256.426430][T11053]  alloc_workqueue+0x13c/0xe70
[  256.426453][T11053]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  256.426474][T11053]  ? __init_waitqueue_head+0x36/0x90
[  256.489129][T11053]  hci_register_dev+0x209/0x860
[  256.489153][T11053]  __vhci_create_device+0x2d0/0x5a0
[  256.489170][T11053]  vhci_write+0x2d0/0x470
[  256.489189][T11053]  new_sync_write+0x4c7/0x760
[  256.489206][T11053]  ? default_llseek+0x2e0/0x2e0
[  256.489223][T11053]  ? copy_page_to_iter+0x4e7/0xd60
[  256.489243][T11053]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  256.489258][T11053]  ? put_page+0xce/0x130
[  256.489283][T11053]  __vfs_write+0xe4/0x110
[  256.549541][T11053]  __kernel_write+0x110/0x3b0
[  256.554234][T11053]  write_pipe_buf+0x15d/0x1f0
[  256.558958][T11053]  ? aa_file_perm+0x432/0xeb0
[  256.563653][T11053]  ? do_splice_direct+0x2a0/0x2a0
[  256.568696][T11053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  256.574950][T11053]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  256.581072][T11053]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  256.587336][T11053]  __splice_from_pipe+0x395/0x7d0
[  256.592537][T11053]  ? do_splice_direct+0x2a0/0x2a0
[  256.597835][T11053]  ? do_splice_direct+0x2a0/0x2a0
[  256.602880][T11053]  splice_from_pipe+0x108/0x170
[  256.607737][T11053]  ? splice_shrink_spd+0xd0/0xd0
[  256.612674][T11053]  default_file_splice_write+0x3c/0x90
[  256.618137][T11053]  ? generic_splice_sendpage+0x50/0x50
[  256.623606][T11053]  direct_splice_actor+0x126/0x1a0
[  256.628705][T11053]  splice_direct_to_actor+0x369/0x970
[  256.634068][T11053]  ? generic_pipe_buf_nosteal+0x10/0x10
[  256.639620][T11053]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  256.645864][T11053]  ? do_splice_to+0x190/0x190
[  256.650550][T11053]  ? rw_verify_area+0x118/0x360
[  256.655401][T11053]  do_splice_direct+0x1da/0x2a0
[  256.660258][T11053]  ? splice_direct_to_actor+0x970/0x970
[  256.665816][T11053]  ? rw_verify_area+0x118/0x360
[  256.670693][T11053]  do_sendfile+0x597/0xd00
[  256.675142][T11053]  ? do_compat_pwritev64+0x1c0/0x1c0
[  256.680581][T11053]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  256.686862][T11053]  ? _copy_from_user+0xdd/0x150
[  256.691744][T11053]  __x64_sys_sendfile64+0x15a/0x220
[  256.697088][T11053]  ? __ia32_sys_sendfile+0x230/0x230
[  256.702577][T11053]  ? do_syscall_64+0x26/0x610
[  256.707262][T11053]  ? lockdep_hardirqs_on+0x418/0x5d0
[  256.712630][T11053]  ? trace_hardirqs_on+0x67/0x230
[  256.717667][T11053]  do_syscall_64+0x103/0x610
[  256.722375][T11053]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  256.728287][T11053] RIP: 0033:0x457f29
[  256.732184][T11053] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  256.751980][T11053] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  256.760422][T11053] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  256.768678][T11053] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  256.776661][T11053] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:10 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
connect$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x1}}, 0x10)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000280)=0x1f)

[  256.784637][T11053] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  256.792610][T11053] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  256.802582][T11053] Bluetooth: Can't register HCI device
18:25:10 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000d83ff8), 0x2)

18:25:10 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e00, 0x2)

18:25:10 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r1, &(0x7f00000001c0)="3f9dea859058b3131e05ce0abb0d849567332a5fc8e9e7a6cb77028dd4897dab6db33f3079dfc7fc2c48332a67", &(0x7f0000000200)=""/58}, 0x18)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x8)
sendfile(r0, r1, 0x0, 0x2)

18:25:10 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x204, 0x2)

18:25:10 executing program 0 (fault-call:5 fault-nth:15):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:10 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$KDGETLED(r1, 0x4b31, &(0x7f0000000000))
sendfile(r0, r1, 0x0, 0x2)

18:25:10 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  257.044832][T11090] FAULT_INJECTION: forcing a failure.
[  257.044832][T11090] name failslab, interval 1, probability 0, space 0, times 0
[  257.075534][T11090] CPU: 1 PID: 11090 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  257.084369][T11090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
18:25:10 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x300, 0x2)

18:25:10 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f00, 0x2)

[  257.094438][T11090] Call Trace:
[  257.097753][T11090]  dump_stack+0x172/0x1f0
[  257.102111][T11090]  should_fail.cold+0xa/0x15
[  257.106712][T11090]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  257.113073][T11090]  ? ___might_sleep+0x163/0x280
[  257.117949][T11090]  __should_failslab+0x121/0x190
[  257.122895][T11090]  should_failslab+0x9/0x14
[  257.127406][T11090]  __kmalloc+0x2dc/0x740
[  257.131662][T11090]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  257.137395][T11090]  ? pwq_adjust_max_active+0x3b6/0x5c0
[  257.142866][T11090]  ? alloc_workqueue+0x13c/0xe70
[  257.147829][T11090]  alloc_workqueue+0x13c/0xe70
[  257.152616][T11090]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  257.158361][T11090]  ? __init_waitqueue_head+0x36/0x90
[  257.163670][T11090]  hci_register_dev+0x209/0x860
[  257.168547][T11090]  __vhci_create_device+0x2d0/0x5a0
[  257.173855][T11090]  vhci_write+0x2d0/0x470
[  257.178203][T11090]  new_sync_write+0x4c7/0x760
[  257.182902][T11090]  ? default_llseek+0x2e0/0x2e0
[  257.187760][T11090]  ? copy_page_to_iter+0x4e7/0xd60
[  257.192911][T11090]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  257.199293][T11090]  ? put_page+0xce/0x130
[  257.199324][T11090]  __vfs_write+0xe4/0x110
[  257.199344][T11090]  __kernel_write+0x110/0x3b0
[  257.199363][T11090]  write_pipe_buf+0x15d/0x1f0
[  257.199378][T11090]  ? aa_file_perm+0x432/0xeb0
[  257.199391][T11090]  ? do_splice_direct+0x2a0/0x2a0
[  257.199407][T11090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  257.199421][T11090]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  257.199435][T11090]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  257.199454][T11090]  __splice_from_pipe+0x395/0x7d0
[  257.199469][T11090]  ? do_splice_direct+0x2a0/0x2a0
[  257.199489][T11090]  ? do_splice_direct+0x2a0/0x2a0
[  257.199501][T11090]  splice_from_pipe+0x108/0x170
[  257.199522][T11090]  ? splice_shrink_spd+0xd0/0xd0
[  257.213322][T11090]  default_file_splice_write+0x3c/0x90
[  257.213339][T11090]  ? generic_splice_sendpage+0x50/0x50
[  257.213357][T11090]  direct_splice_actor+0x126/0x1a0
[  257.213375][T11090]  splice_direct_to_actor+0x369/0x970
18:25:10 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

[  257.213395][T11090]  ? generic_pipe_buf_nosteal+0x10/0x10
[  257.233975][T11090]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  257.233993][T11090]  ? do_splice_to+0x190/0x190
[  257.234014][T11090]  ? rw_verify_area+0x118/0x360
[  257.234042][T11090]  do_splice_direct+0x1da/0x2a0
[  257.234059][T11090]  ? splice_direct_to_actor+0x970/0x970
[  257.234082][T11090]  ? rw_verify_area+0x118/0x360
[  257.234098][T11090]  do_sendfile+0x597/0xd00
[  257.234123][T11090]  ? do_compat_pwritev64+0x1c0/0x1c0
[  257.234141][T11090]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  257.234154][T11090]  ? _copy_from_user+0xdd/0x150
[  257.234170][T11090]  __x64_sys_sendfile64+0x15a/0x220
[  257.234183][T11090]  ? __ia32_sys_sendfile+0x230/0x230
[  257.234197][T11090]  ? do_syscall_64+0x26/0x610
[  257.234211][T11090]  ? lockdep_hardirqs_on+0x418/0x5d0
[  257.234226][T11090]  ? trace_hardirqs_on+0x67/0x230
[  257.234243][T11090]  do_syscall_64+0x103/0x610
[  257.234260][T11090]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  257.234271][T11090] RIP: 0033:0x457f29
[  257.234286][T11090] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  257.234293][T11090] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  257.234307][T11090] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  257.234315][T11090] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  257.234322][T11090] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  257.234330][T11090] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  257.234337][T11090] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  257.452661][T11090] Bluetooth: Can't register HCI device
18:25:10 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x402, 0x2)

18:25:10 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000, 0x2)

18:25:10 executing program 0 (fault-call:5 fault-nth:16):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:10 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:10 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x1)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:10 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4800, 0x2)

18:25:10 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x500, 0x2)

[  257.698610][T11124] FAULT_INJECTION: forcing a failure.
[  257.698610][T11124] name failslab, interval 1, probability 0, space 0, times 0
[  257.773973][T11124] CPU: 1 PID: 11124 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  257.782723][T11124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  257.792799][T11124] Call Trace:
[  257.796114][T11124]  dump_stack+0x172/0x1f0
[  257.800466][T11124]  should_fail.cold+0xa/0x15
[  257.805089][T11124]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  257.810916][T11124]  ? ___might_sleep+0x163/0x280
[  257.816260][T11124]  __should_failslab+0x121/0x190
[  257.821187][T11124]  should_failslab+0x9/0x14
[  257.825678][T11124]  __kmalloc_track_caller+0x2d8/0x740
[  257.831055][T11124]  ? pointer+0x910/0x910
[  257.835302][T11124]  ? set_precision+0x180/0x180
[  257.840171][T11124]  ? fs_reclaim_acquire.part.0+0x30/0x30
[  257.845824][T11124]  ? kasprintf+0xbb/0xf0
[  257.850116][T11124]  kvasprintf+0xc8/0x170
[  257.854375][T11124]  ? bust_spinlocks+0xe0/0xe0
[  257.859076][T11124]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  257.864813][T11124]  ? find_next_bit+0x107/0x130
[  257.869590][T11124]  kasprintf+0xbb/0xf0
[  257.873668][T11124]  ? kvasprintf_const+0x190/0x190
[  257.878712][T11124]  ? kasan_check_read+0x11/0x20
[  257.883576][T11124]  alloc_workqueue+0x442/0xe70
[  257.888364][T11124]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  257.894088][T11124]  ? __init_waitqueue_head+0x36/0x90
[  257.899365][T11124]  hci_register_dev+0x209/0x860
[  257.904212][T11124]  __vhci_create_device+0x2d0/0x5a0
[  257.909414][T11124]  vhci_write+0x2d0/0x470
[  257.914160][T11124]  new_sync_write+0x4c7/0x760
[  257.918834][T11124]  ? default_llseek+0x2e0/0x2e0
[  257.923760][T11124]  ? copy_page_to_iter+0x4e7/0xd60
[  257.928858][T11124]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  257.935129][T11124]  ? put_page+0xce/0x130
[  257.939380][T11124]  __vfs_write+0xe4/0x110
[  257.943877][T11124]  __kernel_write+0x110/0x3b0
[  257.948546][T11124]  write_pipe_buf+0x15d/0x1f0
[  257.953228][T11124]  ? aa_file_perm+0x432/0xeb0
[  257.958143][T11124]  ? do_splice_direct+0x2a0/0x2a0
[  257.963161][T11124]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  257.969392][T11124]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  257.975536][T11124]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  257.981769][T11124]  __splice_from_pipe+0x395/0x7d0
[  257.986795][T11124]  ? do_splice_direct+0x2a0/0x2a0
[  257.991823][T11124]  ? do_splice_direct+0x2a0/0x2a0
[  257.996849][T11124]  splice_from_pipe+0x108/0x170
[  258.001709][T11124]  ? splice_shrink_spd+0xd0/0xd0
[  258.007167][T11124]  default_file_splice_write+0x3c/0x90
[  258.012651][T11124]  ? generic_splice_sendpage+0x50/0x50
[  258.018514][T11124]  direct_splice_actor+0x126/0x1a0
[  258.023723][T11124]  splice_direct_to_actor+0x369/0x970
[  258.029093][T11124]  ? generic_pipe_buf_nosteal+0x10/0x10
[  258.034811][T11124]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  258.041764][T11124]  ? do_splice_to+0x190/0x190
[  258.046441][T11124]  ? rw_verify_area+0x118/0x360
[  258.051310][T11124]  do_splice_direct+0x1da/0x2a0
[  258.056155][T11124]  ? splice_direct_to_actor+0x970/0x970
[  258.061837][T11124]  ? rw_verify_area+0x118/0x360
[  258.066684][T11124]  do_sendfile+0x597/0xd00
[  258.071151][T11124]  ? do_compat_pwritev64+0x1c0/0x1c0
[  258.076438][T11124]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  258.082666][T11124]  ? _copy_from_user+0xdd/0x150
[  258.087507][T11124]  __x64_sys_sendfile64+0x15a/0x220
[  258.092745][T11124]  ? __ia32_sys_sendfile+0x230/0x230
[  258.098148][T11124]  ? do_syscall_64+0x26/0x610
[  258.102826][T11124]  ? lockdep_hardirqs_on+0x418/0x5d0
[  258.108123][T11124]  ? trace_hardirqs_on+0x67/0x230
[  258.113164][T11124]  do_syscall_64+0x103/0x610
[  258.118266][T11124]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.124161][T11124] RIP: 0033:0x457f29
[  258.128097][T11124] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  258.151383][T11124] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  258.159807][T11124] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  258.167766][T11124] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:11 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:11 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

[  258.175827][T11124] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  258.183810][T11124] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  258.191798][T11124] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:11 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x200, 0x0)
ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000040)={0x5, 0x20000, 0x56d, 0x5, 0x2})
ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000280)=0xc789)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = gettid()
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00')
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r3, 0x0, 0x70bd2b, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3f}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8d0)
fcntl$getownex(r1, 0x10, &(0x7f0000000080))
kcmp$KCMP_EPOLL_TFD(r2, r2, 0x7, r0, &(0x7f00000000c0)={r1, r0, 0x2})
ioctl$UI_DEV_CREATE(r1, 0x5501)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$BLKSECTGET(r4, 0x1267, &(0x7f00000002c0))
write$P9_RLERRORu(r1, &(0x7f0000000140)=ANY=[@ANYRESDEC=0x0], 0x112)
sendfile(r4, r4, 0x0, 0x7c)
ioctl$VT_RELDISP(r4, 0x5605)

18:25:11 executing program 0 (fault-call:5 fault-nth:17):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:11 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x600, 0x2)

18:25:11 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c00, 0x2)

18:25:11 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:25:11 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
timer_delete(0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
truncate(&(0x7f0000000080)='./file0\x00', 0x5)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  258.412752][T11160] FAULT_INJECTION: forcing a failure.
[  258.412752][T11160] name failslab, interval 1, probability 0, space 0, times 0
[  258.478851][T11160] CPU: 0 PID: 11160 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  258.487609][T11160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  258.487627][T11160] Call Trace:
[  258.501003][T11160]  dump_stack+0x172/0x1f0
[  258.505366][T11160]  should_fail.cold+0xa/0x15
[  258.509974][T11160]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  258.515979][T11160]  ? ___might_sleep+0x163/0x280
[  258.520883][T11160]  __should_failslab+0x121/0x190
[  258.525832][T11160]  should_failslab+0x9/0x14
[  258.525849][T11160]  __kmalloc+0x2dc/0x740
[  258.525877][T11160]  ? apply_wqattrs_prepare+0xae/0x970
[  258.539990][T11160]  apply_wqattrs_prepare+0xae/0x970
[  258.545229][T11160]  apply_workqueue_attrs_locked+0xcb/0x140
[  258.551082][T11160]  apply_workqueue_attrs+0x31/0x50
[  258.556217][T11160]  alloc_workqueue+0x84c/0xe70
[  258.561039][T11160]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  258.566807][T11160]  ? __init_waitqueue_head+0x36/0x90
[  258.572125][T11160]  hci_register_dev+0x209/0x860
[  258.577005][T11160]  __vhci_create_device+0x2d0/0x5a0
[  258.582350][T11160]  vhci_write+0x2d0/0x470
[  258.586734][T11160]  new_sync_write+0x4c7/0x760
[  258.591463][T11160]  ? default_llseek+0x2e0/0x2e0
[  258.596340][T11160]  ? copy_page_to_iter+0x4e7/0xd60
[  258.601510][T11160]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  258.607767][T11160]  ? put_page+0xce/0x130
[  258.612041][T11160]  __vfs_write+0xe4/0x110
[  258.616409][T11160]  __kernel_write+0x110/0x3b0
[  258.621108][T11160]  write_pipe_buf+0x15d/0x1f0
[  258.625799][T11160]  ? aa_file_perm+0x432/0xeb0
[  258.630492][T11160]  ? do_splice_direct+0x2a0/0x2a0
[  258.635599][T11160]  ? acpi_event_init+0x42/0x8c
[  258.640371][T11160]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  258.646622][T11160]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  258.652704][T11160]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  258.652725][T11160]  __splice_from_pipe+0x395/0x7d0
[  258.652740][T11160]  ? do_splice_direct+0x2a0/0x2a0
[  258.652760][T11160]  ? do_splice_direct+0x2a0/0x2a0
[  258.669074][T11160]  splice_from_pipe+0x108/0x170
[  258.669093][T11160]  ? splice_shrink_spd+0xd0/0xd0
[  258.669122][T11160]  default_file_splice_write+0x3c/0x90
[  258.669136][T11160]  ? generic_splice_sendpage+0x50/0x50
[  258.669156][T11160]  direct_splice_actor+0x126/0x1a0
[  258.700165][T11160]  splice_direct_to_actor+0x369/0x970
[  258.705551][T11160]  ? generic_pipe_buf_nosteal+0x10/0x10
[  258.711134][T11160]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  258.717512][T11160]  ? do_splice_to+0x190/0x190
[  258.722207][T11160]  ? rw_verify_area+0x118/0x360
[  258.727091][T11160]  do_splice_direct+0x1da/0x2a0
[  258.731964][T11160]  ? splice_direct_to_actor+0x970/0x970
[  258.737630][T11160]  ? rw_verify_area+0x118/0x360
[  258.742490][T11160]  do_sendfile+0x597/0xd00
[  258.747115][T11160]  ? do_compat_pwritev64+0x1c0/0x1c0
[  258.752526][T11160]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  258.758904][T11160]  ? _copy_from_user+0xdd/0x150
[  258.763781][T11160]  __x64_sys_sendfile64+0x15a/0x220
[  258.768996][T11160]  ? __ia32_sys_sendfile+0x230/0x230
[  258.774304][T11160]  ? do_syscall_64+0x26/0x610
[  258.779002][T11160]  ? lockdep_hardirqs_on+0x418/0x5d0
[  258.784484][T11160]  ? trace_hardirqs_on+0x67/0x230
[  258.789527][T11160]  do_syscall_64+0x103/0x610
[  258.794148][T11160]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  258.800067][T11160] RIP: 0033:0x457f29
[  258.804069][T11160] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:11 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x700, 0x2)

18:25:11 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x7)
rseq(&(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x7f, 0x19, 0x9}, 0x1}, 0x20, 0x1, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000), 0x10)

18:25:11 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000, 0x2)

18:25:11 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r2, 0x501, 0x70bd2a, 0x25dfdbfe, {{}, 0x0, 0x4102, 0x0, {0x10, 0x13, @l2={'eth', 0x3a, 'ip_vti0\x00'}}}, ["", "", ""]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:12 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

[  258.804078][T11160] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  258.804093][T11160] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  258.804101][T11160] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  258.804110][T11160] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  258.804126][T11160] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  258.856728][T11160] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:12 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6000, 0x2)

18:25:12 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
write$binfmt_elf64(r0, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0x0, 0x7, 0x5, 0x3bc0, 0x3, 0x7, 0x5d, 0x3c9, 0x40, 0x19e, 0x200000000, 0x2, 0x38, 0x1, 0x7, 0xb59, 0x1f}, [{0x3, 0x3, 0x8, 0x8001, 0x5, 0x7b, 0x2, 0xffffffff}], "7974bf9144102ef660e0562b61aac820f29976e5846d919542f3aa95c78a48f88321f24877c35a18ee7fa0a1355a219f7e186f125690e598bd76ee569aae583cd5abd36eb48d1ca42957f73154aa7f1468054fd6dc96cfe2a9ada348a661801d71204d235ba0675825d954f9cccbe86765097ad4e3f512811b2ec36dd8cfa43fd901930eead8183cf4a4014ca123ebf757bdd33cd5e06165a650ff440448ce2b1ed50a09f0e5cae4f3c0334cba19d31c0bff5d761e6c46a0b633c003a8bcd53c50dc37ce32c383ba5bf66613026c25c912a2326bb26719bfc2f309ee532276f7e09b645f99b43efaf4d0f6255bea979df1d09fc51f4575", [[], [], [], []]}, 0x56f)
close(r0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000040)='./bus\x00', &(0x7f0000000640)='trusted.overlay.opaque\x00', &(0x7f0000000680)='y\x00', 0x2, 0x3)
openat$vhci(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/vhci\x00', 0x7)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000000))
sendfile(r0, r1, 0x0, 0x2)

[  258.886205][T11160] Bluetooth: Can't register HCI device
18:25:12 executing program 0 (fault-call:5 fault-nth:18):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:12 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e00, 0x2)

18:25:12 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:12 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f0000000040)=0xffffffff)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x3000})

18:25:12 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x0)

18:25:12 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6087, 0x2)

18:25:12 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f00, 0x2)

[  259.118933][T11213] FAULT_INJECTION: forcing a failure.
[  259.118933][T11213] name failslab, interval 1, probability 0, space 0, times 0
[  259.149258][T11213] CPU: 0 PID: 11213 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  259.158004][T11213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  259.158011][T11213] Call Trace:
[  259.158051][T11213]  dump_stack+0x172/0x1f0
[  259.158075][T11213]  should_fail.cold+0xa/0x15
[  259.158096][T11213]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  259.158120][T11213]  ? ___might_sleep+0x163/0x280
[  259.158142][T11213]  __should_failslab+0x121/0x190
[  259.158161][T11213]  should_failslab+0x9/0x14
[  259.158178][T11213]  __kmalloc+0x2dc/0x740
[  259.158203][T11213]  ? apply_wqattrs_prepare+0xae/0x970
[  259.196067][T11213]  apply_wqattrs_prepare+0xae/0x970
[  259.196095][T11213]  apply_workqueue_attrs_locked+0xcb/0x140
[  259.196113][T11213]  apply_workqueue_attrs+0x31/0x50
[  259.196130][T11213]  alloc_workqueue+0x84c/0xe70
[  259.196153][T11213]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  259.196176][T11213]  ? __init_waitqueue_head+0x36/0x90
[  259.196198][T11213]  hci_register_dev+0x209/0x860
[  259.196220][T11213]  __vhci_create_device+0x2d0/0x5a0
[  259.196238][T11213]  vhci_write+0x2d0/0x470
[  259.196259][T11213]  new_sync_write+0x4c7/0x760
[  259.196277][T11213]  ? default_llseek+0x2e0/0x2e0
[  259.196304][T11213]  ? copy_page_to_iter+0x4e7/0xd60
[  259.196331][T11213]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  259.278162][T11213]  ? put_page+0xce/0x130
[  259.282867][T11213]  __vfs_write+0xe4/0x110
[  259.287214][T11213]  __kernel_write+0x110/0x3b0
[  259.292078][T11213]  write_pipe_buf+0x15d/0x1f0
[  259.296767][T11213]  ? aa_file_perm+0x432/0xeb0
[  259.301470][T11213]  ? do_splice_direct+0x2a0/0x2a0
[  259.306612][T11213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  259.312860][T11213]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  259.318914][T11213]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  259.325163][T11213]  __splice_from_pipe+0x395/0x7d0
[  259.330186][T11213]  ? do_splice_direct+0x2a0/0x2a0
[  259.335235][T11213]  ? do_splice_direct+0x2a0/0x2a0
[  259.340257][T11213]  splice_from_pipe+0x108/0x170
[  259.345702][T11213]  ? splice_shrink_spd+0xd0/0xd0
[  259.350638][T11213]  default_file_splice_write+0x3c/0x90
[  259.356102][T11213]  ? generic_splice_sendpage+0x50/0x50
[  259.361566][T11213]  direct_splice_actor+0x126/0x1a0
[  259.366684][T11213]  splice_direct_to_actor+0x369/0x970
18:25:12 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  259.372084][T11213]  ? generic_pipe_buf_nosteal+0x10/0x10
[  259.377624][T11213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  259.383984][T11213]  ? do_splice_to+0x190/0x190
[  259.388674][T11213]  ? rw_verify_area+0x118/0x360
[  259.393948][T11213]  do_splice_direct+0x1da/0x2a0
[  259.398833][T11213]  ? splice_direct_to_actor+0x970/0x970
[  259.404406][T11213]  ? rw_verify_area+0x118/0x360
[  259.409263][T11213]  do_sendfile+0x597/0xd00
[  259.413789][T11213]  ? do_compat_pwritev64+0x1c0/0x1c0
18:25:12 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000, 0x2)

[  259.419078][T11213]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  259.425428][T11213]  ? _copy_from_user+0xdd/0x150
[  259.430301][T11213]  __x64_sys_sendfile64+0x15a/0x220
[  259.435712][T11213]  ? __ia32_sys_sendfile+0x230/0x230
[  259.441013][T11213]  ? do_syscall_64+0x26/0x610
[  259.445717][T11213]  ? lockdep_hardirqs_on+0x418/0x5d0
[  259.451010][T11213]  ? trace_hardirqs_on+0x67/0x230
[  259.451041][T11213]  do_syscall_64+0x103/0x610
[  259.451081][T11213]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  259.466883][T11213] RIP: 0033:0x457f29
18:25:12 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
r2 = request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='/dev/vhci\x00', 0xfffffffffffffffa)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000000c0)={r2, 0x8, 0x10000}, 0x0, &(0x7f0000000100)="27775d886081de1ee99500e898afc20a937ce665bdd10e8f246e5b784632d96ccee4534116fdc142b993569394fd46be39d443c1b80a9d1103855de33449f78281993b31046af6bcabc00a11c062ab16e22509a10b30b9307a594a7c64b3657d75b18eb649fb23b4d424510b9d330205f74c7d7944c16f5e6e09ee71372f4080f23b7e126219a314b88efbef854afd1fd478cb6bb32a1c2f2047c1c4694981b63857eeb0cb77e4cfba1448755790ac8ee5968f779b21b48d45679d0da53d3c126793f5da0360715701c0aa9c4cb8e62a6d6897f0badbc68f639852a95ef8b338132db839bc0097429a942dd1d496186b37c7", &(0x7f0000000200)="8ba61b2ca59ea522ce4dca178ed17a340886e75694bb8deba520583b1ffa7e7ba9f8a1790283808939e41d2b33faffd4cf279f75bc2cd1669dcd87c40abafe1585b14f5e5dbdad8bc551f03d4d3c49108fe633e1e52e0a867cef59029f0a5c7f27c6972303e6e466b92f77fe498a131cdf14ae42fb74793fd18b3522b48a8f4a57e5fccd1119f50ce9d526f1eea33a4c81964fbfd4b03e717b34884e1e59541c6c0988df9d82bb22d10417f3f084cac82a498876c1fef4846df23d8c75a7cae79aa9a752756f3edc6a9219b4afa832a906d31ba6052a911793915e885f73913f62f92595fbb47b937214d0c20a5a689080fa0b05982e")
write$P9_RLERRORu(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="bad0d669cdff7d9a72abcfb4d58104e123ba0566e0e6dcaafb9075c2be7815be3f5a2e6534cc4872caedf56cbace81c95c686423cbd844e588cc5e5aeb0d9cc6b042b3602082608c22295f99aa14bfcf1e0b604b8a55e5ac7a263e63546f16d05f276bdd5d46af2c23ec7e9329c3c2f4e5"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:12 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6800, 0x2)

[  259.466900][T11213] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  259.466908][T11213] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  259.466923][T11213] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  259.466932][T11213] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  259.466940][T11213] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  259.466948][T11213] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  259.466957][T11213] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  259.513517][T11213] Bluetooth: Can't register HCI device
18:25:12 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4800, 0x2)

18:25:12 executing program 0 (fault-call:5 fault-nth:19):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:12 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  259.726960][T11243] FAULT_INJECTION: forcing a failure.
[  259.726960][T11243] name failslab, interval 1, probability 0, space 0, times 0
[  259.772441][T11243] CPU: 1 PID: 11243 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  259.781177][T11243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  259.791242][T11243] Call Trace:
[  259.794565][T11243]  dump_stack+0x172/0x1f0
[  259.798931][T11243]  should_fail.cold+0xa/0x15
[  259.803635][T11243]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  259.809451][T11243]  ? ___might_sleep+0x163/0x280
[  259.814310][T11243]  __should_failslab+0x121/0x190
[  259.819256][T11243]  should_failslab+0x9/0x14
[  259.823762][T11243]  kmem_cache_alloc_trace+0x2d1/0x760
[  259.829142][T11243]  ? rcu_read_lock_sched_held+0x110/0x130
[  259.834868][T11243]  ? __kmalloc+0x5d5/0x740
[  259.839300][T11243]  alloc_workqueue_attrs+0x82/0x120
[  259.844497][T11243]  apply_wqattrs_prepare+0xc8/0x970
[  259.849710][T11243]  apply_workqueue_attrs_locked+0xcb/0x140
[  259.856055][T11243]  apply_workqueue_attrs+0x31/0x50
[  259.861186][T11243]  alloc_workqueue+0x84c/0xe70
[  259.866017][T11243]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  259.871765][T11243]  ? __init_waitqueue_head+0x36/0x90
[  259.877071][T11243]  hci_register_dev+0x209/0x860
[  259.881926][T11243]  __vhci_create_device+0x2d0/0x5a0
[  259.887113][T11243]  vhci_write+0x2d0/0x470
[  259.891438][T11243]  new_sync_write+0x4c7/0x760
[  259.896140][T11243]  ? default_llseek+0x2e0/0x2e0
[  259.901003][T11243]  ? copy_page_to_iter+0x4e7/0xd60
[  259.906115][T11243]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  259.912352][T11243]  ? put_page+0xce/0x130
[  259.916697][T11243]  __vfs_write+0xe4/0x110
[  259.921126][T11243]  __kernel_write+0x110/0x3b0
[  259.925794][T11243]  write_pipe_buf+0x15d/0x1f0
[  259.930468][T11243]  ? aa_file_perm+0x432/0xeb0
[  259.935150][T11243]  ? do_splice_direct+0x2a0/0x2a0
[  259.940198][T11243]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  259.946453][T11243]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  259.952996][T11243]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  259.959252][T11243]  __splice_from_pipe+0x395/0x7d0
[  259.964287][T11243]  ? do_splice_direct+0x2a0/0x2a0
[  259.969328][T11243]  ? do_splice_direct+0x2a0/0x2a0
[  259.974387][T11243]  splice_from_pipe+0x108/0x170
[  259.979240][T11243]  ? splice_shrink_spd+0xd0/0xd0
[  259.984174][T11243]  default_file_splice_write+0x3c/0x90
[  259.989632][T11243]  ? generic_splice_sendpage+0x50/0x50
[  259.995101][T11243]  direct_splice_actor+0x126/0x1a0
[  260.000228][T11243]  splice_direct_to_actor+0x369/0x970
[  260.005591][T11243]  ? generic_pipe_buf_nosteal+0x10/0x10
[  260.011228][T11243]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  260.017494][T11243]  ? do_splice_to+0x190/0x190
[  260.022162][T11243]  ? rw_verify_area+0x118/0x360
[  260.027009][T11243]  do_splice_direct+0x1da/0x2a0
[  260.031974][T11243]  ? splice_direct_to_actor+0x970/0x970
[  260.037529][T11243]  ? rw_verify_area+0x118/0x360
[  260.042406][T11243]  do_sendfile+0x597/0xd00
[  260.046929][T11243]  ? do_compat_pwritev64+0x1c0/0x1c0
[  260.052729][T11243]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  260.058972][T11243]  ? _copy_from_user+0xdd/0x150
[  260.063843][T11243]  __x64_sys_sendfile64+0x15a/0x220
[  260.069061][T11243]  ? __ia32_sys_sendfile+0x230/0x230
[  260.074357][T11243]  ? do_syscall_64+0x26/0x610
[  260.079049][T11243]  ? lockdep_hardirqs_on+0x418/0x5d0
[  260.084334][T11243]  ? trace_hardirqs_on+0x67/0x230
[  260.089358][T11243]  do_syscall_64+0x103/0x610
[  260.093959][T11243]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.099842][T11243] RIP: 0033:0x457f29
[  260.103732][T11243] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:13 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:13 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c00, 0x2)

18:25:13 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x408042, 0x0)
r2 = gettid()
fcntl$setown(r0, 0x8, r2)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:13 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c00, 0x2)

[  260.123319][T11243] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  260.131897][T11243] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  260.139867][T11243] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  260.147830][T11243] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  260.156549][T11243] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  260.164507][T11243] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  260.201268][T11243] Bluetooth: Can't register HCI device
18:25:13 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:13 executing program 0 (fault-call:5 fault-nth:20):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:13 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5, 0x2)

18:25:13 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7400, 0x2)

18:25:13 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6000, 0x2)

18:25:13 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], 0x14)
sendfile(r0, r1, 0x0, 0x2)

[  260.408409][T11270] FAULT_INJECTION: forcing a failure.
[  260.408409][T11270] name failslab, interval 1, probability 0, space 0, times 0
[  260.474200][T11270] CPU: 0 PID: 11270 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  260.483069][T11270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  260.493140][T11270] Call Trace:
[  260.493172][T11270]  dump_stack+0x172/0x1f0
[  260.500768][T11270]  should_fail.cold+0xa/0x15
[  260.500785][T11270]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  260.500803][T11270]  ? ___might_sleep+0x163/0x280
[  260.500822][T11270]  __should_failslab+0x121/0x190
[  260.500846][T11270]  should_failslab+0x9/0x14
[  260.525481][T11270]  kmem_cache_alloc_trace+0x2d1/0x760
[  260.530868][T11270]  ? rcu_read_lock_sched_held+0x110/0x130
[  260.536630][T11270]  ? __kmalloc+0x5d5/0x740
[  260.541175][T11270]  alloc_workqueue_attrs+0x82/0x120
[  260.546477][T11270]  apply_wqattrs_prepare+0xc8/0x970
[  260.551851][T11270]  apply_workqueue_attrs_locked+0xcb/0x140
[  260.557663][T11270]  apply_workqueue_attrs+0x31/0x50
[  260.562973][T11270]  alloc_workqueue+0x84c/0xe70
[  260.567786][T11270]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  260.573539][T11270]  ? __init_waitqueue_head+0x36/0x90
[  260.573566][T11270]  hci_register_dev+0x209/0x860
[  260.573590][T11270]  __vhci_create_device+0x2d0/0x5a0
[  260.573610][T11270]  vhci_write+0x2d0/0x470
[  260.583757][T11270]  new_sync_write+0x4c7/0x760
[  260.583777][T11270]  ? default_llseek+0x2e0/0x2e0
[  260.583795][T11270]  ? copy_page_to_iter+0x4e7/0xd60
[  260.583821][T11270]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  260.614187][T11270]  ? put_page+0xce/0x130
[  260.618449][T11270]  __vfs_write+0xe4/0x110
18:25:13 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0a42105d18c0f9c9d9a5d0f918678244fb751d20de882c5ce563a98c95e233e523d13a0e6fce18423737ae8617edf7b8a2d"], 0x33)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:13 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6087, 0x2)

[  260.622789][T11270]  __kernel_write+0x110/0x3b0
[  260.627474][T11270]  write_pipe_buf+0x15d/0x1f0
[  260.632158][T11270]  ? aa_file_perm+0x432/0xeb0
[  260.636932][T11270]  ? do_splice_direct+0x2a0/0x2a0
[  260.641968][T11270]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  260.648228][T11270]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  260.654313][T11270]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  260.660572][T11270]  __splice_from_pipe+0x395/0x7d0
[  260.665605][T11270]  ? do_splice_direct+0x2a0/0x2a0
18:25:13 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6800, 0x2)

[  260.670640][T11270]  ? do_splice_direct+0x2a0/0x2a0
[  260.675706][T11270]  splice_from_pipe+0x108/0x170
[  260.680650][T11270]  ? splice_shrink_spd+0xd0/0xd0
[  260.685780][T11270]  default_file_splice_write+0x3c/0x90
[  260.691252][T11270]  ? generic_splice_sendpage+0x50/0x50
[  260.696737][T11270]  direct_splice_actor+0x126/0x1a0
[  260.701866][T11270]  splice_direct_to_actor+0x369/0x970
[  260.707250][T11270]  ? generic_pipe_buf_nosteal+0x10/0x10
[  260.712843][T11270]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  260.719096][T11270]  ? do_splice_to+0x190/0x190
18:25:14 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c00, 0x2)

[  260.723774][T11270]  ? rw_verify_area+0x118/0x360
[  260.728619][T11270]  do_splice_direct+0x1da/0x2a0
[  260.733580][T11270]  ? splice_direct_to_actor+0x970/0x970
[  260.739178][T11270]  ? rw_verify_area+0x118/0x360
[  260.744061][T11270]  do_sendfile+0x597/0xd00
[  260.748500][T11270]  ? do_compat_pwritev64+0x1c0/0x1c0
[  260.753802][T11270]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  260.760075][T11270]  ? _copy_from_user+0xdd/0x150
[  260.764960][T11270]  __x64_sys_sendfile64+0x15a/0x220
[  260.770174][T11270]  ? __ia32_sys_sendfile+0x230/0x230
18:25:14 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7400, 0x2)

[  260.775471][T11270]  ? do_syscall_64+0x26/0x610
[  260.780149][T11270]  ? lockdep_hardirqs_on+0x418/0x5d0
[  260.785561][T11270]  ? trace_hardirqs_on+0x67/0x230
[  260.790603][T11270]  do_syscall_64+0x103/0x610
[  260.795395][T11270]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  260.801316][T11270] RIP: 0033:0x457f29
[  260.805319][T11270] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:14 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a00, 0x2)

[  260.825558][T11270] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  260.833977][T11270] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  260.842056][T11270] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  260.850076][T11270] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  260.858148][T11270] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  260.866131][T11270] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  260.889773][T11270] Bluetooth: Can't register HCI device
18:25:14 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:14 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a00, 0x2)

18:25:14 executing program 4:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x600, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000080)={{0x800, 0x0, 0x80, 0x4}, 'syz0\x00', 0x22})
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000100)={{0x99c8, 0xfffffffffffffffb}, {0x1, 0x800}, 0x1a14, 0x1, 0x40000000})
write$P9_RLERRORu(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="ff7eccc0571484e8499a0753d6a4"], 0x2)

18:25:14 executing program 0 (fault-call:5 fault-nth:21):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:14 executing program 2 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:14 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x1082f, 0x2)

[  261.234681][T11324] FAULT_INJECTION: forcing a failure.
[  261.234681][T11324] name failslab, interval 1, probability 0, space 0, times 0
[  261.250843][T11324] CPU: 1 PID: 11324 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  261.260502][T11324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  261.270569][T11324] Call Trace:
[  261.273878][T11324]  dump_stack+0x172/0x1f0
[  261.278226][T11324]  should_fail.cold+0xa/0x15
[  261.282921][T11324]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  261.282942][T11324]  ? ___might_sleep+0x163/0x280
[  261.282966][T11324]  __should_failslab+0x121/0x190
[  261.293642][T11324]  should_failslab+0x9/0x14
[  261.293658][T11324]  kmem_cache_alloc_trace+0x2d1/0x760
[  261.293673][T11324]  ? rcu_read_lock_sched_held+0x110/0x130
[  261.293685][T11324]  ? __kmalloc+0x5d5/0x740
[  261.293705][T11324]  alloc_workqueue_attrs+0x82/0x120
[  261.293721][T11324]  apply_wqattrs_prepare+0xc8/0x970
[  261.293744][T11324]  apply_workqueue_attrs_locked+0xcb/0x140
18:25:14 executing program 4:
r0 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x8)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r1, r2, 0x0, 0x2)

[  261.293760][T11324]  apply_workqueue_attrs+0x31/0x50
[  261.293775][T11324]  alloc_workqueue+0x84c/0xe70
[  261.293801][T11324]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  261.293822][T11324]  ? __init_waitqueue_head+0x36/0x90
[  261.293845][T11324]  hci_register_dev+0x209/0x860
[  261.293865][T11324]  __vhci_create_device+0x2d0/0x5a0
[  261.293882][T11324]  vhci_write+0x2d0/0x470
[  261.293903][T11324]  new_sync_write+0x4c7/0x760
[  261.374917][T11324]  ? default_llseek+0x2e0/0x2e0
[  261.379768][T11324]  ? copy_page_to_iter+0x4e7/0xd60
18:25:14 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
accept$alg(r1, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

[  261.384902][T11324]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  261.391623][T11324]  ? put_page+0xce/0x130
[  261.395892][T11324]  __vfs_write+0xe4/0x110
[  261.400240][T11324]  __kernel_write+0x110/0x3b0
[  261.404931][T11324]  write_pipe_buf+0x15d/0x1f0
[  261.409614][T11324]  ? aa_file_perm+0x432/0xeb0
[  261.414302][T11324]  ? do_splice_direct+0x2a0/0x2a0
[  261.419341][T11324]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  261.425623][T11324]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  261.431701][T11324]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  261.431721][T11324]  __splice_from_pipe+0x395/0x7d0
[  261.431736][T11324]  ? do_splice_direct+0x2a0/0x2a0
[  261.431755][T11324]  ? do_splice_direct+0x2a0/0x2a0
[  261.431768][T11324]  splice_from_pipe+0x108/0x170
[  261.431784][T11324]  ? splice_shrink_spd+0xd0/0xd0
[  261.431819][T11324]  default_file_splice_write+0x3c/0x90
[  261.431832][T11324]  ? generic_splice_sendpage+0x50/0x50
[  261.431848][T11324]  direct_splice_actor+0x126/0x1a0
[  261.431865][T11324]  splice_direct_to_actor+0x369/0x970
[  261.431881][T11324]  ? generic_pipe_buf_nosteal+0x10/0x10
[  261.431899][T11324]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  261.431913][T11324]  ? do_splice_to+0x190/0x190
[  261.431933][T11324]  ? rw_verify_area+0x118/0x360
[  261.431952][T11324]  do_splice_direct+0x1da/0x2a0
[  261.453959][T11324]  ? splice_direct_to_actor+0x970/0x970
[  261.517149][T11324]  ? rw_verify_area+0x118/0x360
[  261.522002][T11324]  do_sendfile+0x597/0xd00
[  261.526430][T11324]  ? do_compat_pwritev64+0x1c0/0x1c0
[  261.531708][T11324]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  261.537942][T11324]  ? _copy_from_user+0xdd/0x150
[  261.542813][T11324]  __x64_sys_sendfile64+0x15a/0x220
[  261.548126][T11324]  ? __ia32_sys_sendfile+0x230/0x230
[  261.553400][T11324]  ? do_syscall_64+0x26/0x610
[  261.558066][T11324]  ? lockdep_hardirqs_on+0x418/0x5d0
[  261.563351][T11324]  ? trace_hardirqs_on+0x67/0x230
[  261.568835][T11324]  do_syscall_64+0x103/0x610
[  261.573448][T11324]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.579333][T11324] RIP: 0033:0x457f29
[  261.583232][T11324] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  261.603404][T11324] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  261.611837][T11324] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  261.619905][T11324] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  261.628060][T11324] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:14 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x1000000, 0x2)

[  261.636106][T11324] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  261.644076][T11324] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  261.654956][T11341] FAULT_INJECTION: forcing a failure.
[  261.654956][T11341] name failslab, interval 1, probability 0, space 0, times 0
[  261.659432][T11324] Bluetooth: Can't register HCI device
18:25:15 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10830, 0x2)

[  261.707699][T11341] CPU: 1 PID: 11341 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  261.716417][T11341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  261.726746][T11341] Call Trace:
[  261.730088][T11341]  dump_stack+0x172/0x1f0
[  261.734733][T11341]  should_fail.cold+0xa/0x15
[  261.739523][T11341]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  261.745444][T11341]  ? ___might_sleep+0x163/0x280
[  261.750352][T11341]  __should_failslab+0x121/0x190
[  261.750372][T11341]  should_failslab+0x9/0x14
[  261.750386][T11341]  kmem_cache_alloc_trace+0x2d1/0x760
[  261.750401][T11341]  ? kasan_check_read+0x11/0x20
[  261.750423][T11341]  alloc_pipe_info+0xb9/0x430
[  261.750442][T11341]  splice_direct_to_actor+0x775/0x970
[  261.750458][T11341]  ? common_file_perm+0x238/0x720
[  261.750474][T11341]  ? generic_pipe_buf_nosteal+0x10/0x10
[  261.750494][T11341]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  261.750514][T11341]  ? do_splice_to+0x190/0x190
[  261.759952][T11341]  ? rw_verify_area+0x118/0x360
[  261.759971][T11341]  do_splice_direct+0x1da/0x2a0
[  261.759988][T11341]  ? splice_direct_to_actor+0x970/0x970
[  261.760011][T11341]  ? rw_verify_area+0x118/0x360
[  261.760038][T11341]  do_sendfile+0x597/0xd00
[  261.760064][T11341]  ? do_compat_pwritev64+0x1c0/0x1c0
[  261.760093][T11341]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  261.826537][T11341]  ? _copy_from_user+0xdd/0x150
[  261.826556][T11341]  __x64_sys_sendfile64+0x15a/0x220
[  261.826572][T11341]  ? __ia32_sys_sendfile+0x230/0x230
[  261.826588][T11341]  ? do_syscall_64+0x26/0x610
[  261.826604][T11341]  ? lockdep_hardirqs_on+0x418/0x5d0
[  261.826621][T11341]  ? trace_hardirqs_on+0x67/0x230
[  261.826641][T11341]  do_syscall_64+0x103/0x610
[  261.848460][T11341]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  261.848473][T11341] RIP: 0033:0x457f29
[  261.848489][T11341] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:15 executing program 0 (fault-call:5 fault-nth:22):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:15 executing program 2 (fault-call:5 fault-nth:1):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  261.848498][T11341] RSP: 002b:00007f30489dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  261.848512][T11341] RAX: ffffffffffffffda RBX: 00007f30489dcc90 RCX: 0000000000457f29
[  261.848520][T11341] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  261.848537][T11341] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  261.863965][T11341] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489dd6d4
[  261.863975][T11341] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:15 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000000, 0x2)

[  261.989374][T11353] FAULT_INJECTION: forcing a failure.
[  261.989374][T11353] name failslab, interval 1, probability 0, space 0, times 0
[  262.037710][T11353] CPU: 0 PID: 11353 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  262.046444][T11353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  262.056516][T11353] Call Trace:
[  262.059860][T11353]  dump_stack+0x172/0x1f0
[  262.064233][T11353]  should_fail.cold+0xa/0x15
[  262.068866][T11353]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  262.074735][T11353]  ? ___might_sleep+0x163/0x280
[  262.079809][T11353]  __should_failslab+0x121/0x190
[  262.084131][T11357] FAULT_INJECTION: forcing a failure.
[  262.084131][T11357] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  262.084854][T11353]  should_failslab+0x9/0x14
[  262.102555][T11353]  kmem_cache_alloc+0x2b2/0x6f0
[  262.107411][T11353]  ? lookup_one_len+0x10e/0x1a0
[  262.112323][T11353]  alloc_inode+0xb8/0x190
[  262.116664][T11353]  new_inode_pseudo+0x19/0xf0
[  262.121344][T11353]  new_inode+0x1f/0x40
[  262.125494][T11353]  debugfs_get_inode+0x1a/0x130
[  262.130345][T11353]  debugfs_create_dir+0x7a/0x3d0
[  262.135283][T11353]  hci_register_dev+0x299/0x860
[  262.140145][T11353]  __vhci_create_device+0x2d0/0x5a0
[  262.145400][T11353]  vhci_write+0x2d0/0x470
[  262.149735][T11353]  new_sync_write+0x4c7/0x760
[  262.154414][T11353]  ? default_llseek+0x2e0/0x2e0
[  262.159261][T11353]  ? copy_page_to_iter+0x4e7/0xd60
[  262.164383][T11353]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  262.170630][T11353]  ? put_page+0xce/0x130
[  262.174991][T11353]  __vfs_write+0xe4/0x110
[  262.179327][T11353]  __kernel_write+0x110/0x3b0
[  262.184018][T11353]  write_pipe_buf+0x15d/0x1f0
[  262.188704][T11353]  ? aa_file_perm+0x432/0xeb0
[  262.193380][T11353]  ? do_splice_direct+0x2a0/0x2a0
[  262.198406][T11353]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  262.204670][T11353]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  262.210754][T11353]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  262.217011][T11353]  __splice_from_pipe+0x395/0x7d0
[  262.222081][T11353]  ? do_splice_direct+0x2a0/0x2a0
[  262.227117][T11353]  ? do_splice_direct+0x2a0/0x2a0
[  262.232166][T11353]  splice_from_pipe+0x108/0x170
[  262.237018][T11353]  ? splice_shrink_spd+0xd0/0xd0
[  262.242084][T11353]  default_file_splice_write+0x3c/0x90
[  262.247537][T11353]  ? generic_splice_sendpage+0x50/0x50
[  262.252993][T11353]  direct_splice_actor+0x126/0x1a0
[  262.258112][T11353]  splice_direct_to_actor+0x369/0x970
[  262.263490][T11353]  ? generic_pipe_buf_nosteal+0x10/0x10
[  262.269051][T11353]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  262.275305][T11353]  ? do_splice_to+0x190/0x190
[  262.279998][T11353]  ? rw_verify_area+0x118/0x360
[  262.284886][T11353]  do_splice_direct+0x1da/0x2a0
[  262.289740][T11353]  ? splice_direct_to_actor+0x970/0x970
[  262.295310][T11353]  ? rw_verify_area+0x118/0x360
[  262.300166][T11353]  do_sendfile+0x597/0xd00
[  262.304594][T11353]  ? do_compat_pwritev64+0x1c0/0x1c0
[  262.309895][T11353]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  262.316140][T11353]  ? _copy_from_user+0xdd/0x150
[  262.320994][T11353]  __x64_sys_sendfile64+0x15a/0x220
[  262.326212][T11353]  ? __ia32_sys_sendfile+0x230/0x230
[  262.331508][T11353]  ? do_syscall_64+0x26/0x610
[  262.336183][T11353]  ? lockdep_hardirqs_on+0x418/0x5d0
[  262.341467][T11353]  ? trace_hardirqs_on+0x67/0x230
[  262.346494][T11353]  do_syscall_64+0x103/0x610
[  262.351088][T11353]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.356978][T11353] RIP: 0033:0x457f29
[  262.361138][T11353] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  262.380747][T11353] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  262.389158][T11353] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  262.397135][T11353] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  262.405115][T11353] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  262.413089][T11353] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  262.421237][T11353] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  262.429493][T11357] CPU: 1 PID: 11357 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  262.438176][T11357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  262.448237][T11357] Call Trace:
[  262.451623][T11357]  dump_stack+0x172/0x1f0
[  262.455966][T11357]  should_fail.cold+0xa/0x15
[  262.460597][T11357]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  262.460614][T11357]  ? percpu_ref_tryget_live+0xef/0x290
[  262.460640][T11357]  should_fail_alloc_page+0x50/0x60
[  262.460655][T11357]  __alloc_pages_nodemask+0x1a1/0x7e0
[  262.460670][T11357]  ? find_held_lock+0x35/0x130
18:25:15 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:15 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10831, 0x2)

[  262.460687][T11357]  ? __alloc_pages_slowpath+0x2900/0x2900
[  262.460717][T11357]  cache_grow_begin+0x9c/0x860
[  262.460739][T11357]  ? alloc_pipe_info+0xb9/0x430
[  262.472111][T11357]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  262.472132][T11357]  kmem_cache_alloc_trace+0x67f/0x760
[  262.472149][T11357]  ? kasan_check_read+0x11/0x20
[  262.472172][T11357]  alloc_pipe_info+0xb9/0x430
[  262.472191][T11357]  splice_direct_to_actor+0x775/0x970
[  262.472205][T11357]  ? common_file_perm+0x238/0x720
[  262.472220][T11357]  ? generic_pipe_buf_nosteal+0x10/0x10
[  262.472237][T11357]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  262.472249][T11357]  ? do_splice_to+0x190/0x190
[  262.472268][T11357]  ? rw_verify_area+0x118/0x360
[  262.472283][T11357]  do_splice_direct+0x1da/0x2a0
[  262.472298][T11357]  ? splice_direct_to_actor+0x970/0x970
[  262.472321][T11357]  ? rw_verify_area+0x118/0x360
[  262.472342][T11357]  do_sendfile+0x597/0xd00
[  262.482916][T11357]  ? do_compat_pwritev64+0x1c0/0x1c0
[  262.482939][T11357]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
18:25:15 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2040000, 0x2)

[  262.482951][T11357]  ? _copy_from_user+0xdd/0x150
[  262.482967][T11357]  __x64_sys_sendfile64+0x15a/0x220
[  262.482980][T11357]  ? __ia32_sys_sendfile+0x230/0x230
[  262.482996][T11357]  ? do_syscall_64+0x26/0x610
[  262.483012][T11357]  ? lockdep_hardirqs_on+0x418/0x5d0
[  262.483026][T11357]  ? trace_hardirqs_on+0x67/0x230
[  262.483054][T11357]  do_syscall_64+0x103/0x610
[  262.483076][T11357]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  262.493535][T11357] RIP: 0033:0x457f29
[  262.493550][T11357] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  262.493558][T11357] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  262.493571][T11357] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  262.493579][T11357] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  262.493587][T11357] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:16 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:16 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10832, 0x2)

[  262.493595][T11357] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  262.493603][T11357] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:16 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="a215d6ffc0160dc9e3f549b2b0a3"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000040)=<r2=>0x0)
ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000080)=r2)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r1, 0x80605414, &(0x7f00000000c0)=""/231)

18:25:16 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3000000, 0x2)

18:25:16 executing program 0 (fault-call:5 fault-nth:23):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:16 executing program 2 (fault-call:5 fault-nth:2):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:16 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10833, 0x2)

18:25:16 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
mq_open(&(0x7f0000000000)='trustedppp0+V/\x00', 0x40, 0x81, &(0x7f0000000040)={0x9, 0x8001, 0x2, 0x55, 0x5, 0x6, 0x0, 0x8})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:16 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000000, 0x2)

[  263.000745][T11391] FAULT_INJECTION: forcing a failure.
[  263.000745][T11391] name failslab, interval 1, probability 0, space 0, times 0
[  263.036051][T11401] FAULT_INJECTION: forcing a failure.
[  263.036051][T11401] name failslab, interval 1, probability 0, space 0, times 0
[  263.062502][T11391] CPU: 1 PID: 11391 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  263.071731][T11391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.081797][T11391] Call Trace:
[  263.085215][T11391]  dump_stack+0x172/0x1f0
[  263.089574][T11391]  should_fail.cold+0xa/0x15
[  263.094181][T11391]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  263.099993][T11391]  ? ___might_sleep+0x163/0x280
[  263.104866][T11391]  __should_failslab+0x121/0x190
[  263.109825][T11391]  should_failslab+0x9/0x14
[  263.114348][T11391]  __kmalloc_track_caller+0x2d8/0x740
[  263.119902][T11391]  ? __d_instantiate+0x383/0x470
[  263.124854][T11391]  ? find_held_lock+0x35/0x130
[  263.129625][T11391]  ? kstrdup_const+0x66/0x80
[  263.134236][T11391]  kstrdup+0x3a/0x70
[  263.138144][T11391]  kstrdup_const+0x66/0x80
[  263.142720][T11391]  kvasprintf_const+0x10e/0x190
[  263.147576][T11391]  kobject_set_name_vargs+0x5b/0x150
[  263.152979][T11391]  dev_set_name+0xbd/0xf0
[  263.157325][T11391]  ? device_initialize+0x440/0x440
[  263.162457][T11391]  hci_register_dev+0x2e0/0x860
[  263.168147][T11391]  __vhci_create_device+0x2d0/0x5a0
[  263.168166][T11391]  vhci_write+0x2d0/0x470
[  263.168187][T11391]  new_sync_write+0x4c7/0x760
[  263.168203][T11391]  ? default_llseek+0x2e0/0x2e0
[  263.168226][T11391]  ? copy_page_to_iter+0x4e7/0xd60
[  263.192346][T11391]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.198594][T11391]  ? put_page+0xce/0x130
[  263.202864][T11391]  __vfs_write+0xe4/0x110
[  263.207205][T11391]  __kernel_write+0x110/0x3b0
[  263.211920][T11391]  write_pipe_buf+0x15d/0x1f0
[  263.216611][T11391]  ? aa_file_perm+0x432/0xeb0
[  263.216628][T11391]  ? do_splice_direct+0x2a0/0x2a0
[  263.216646][T11391]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.216661][T11391]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  263.216683][T11391]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.244992][T11391]  __splice_from_pipe+0x395/0x7d0
[  263.250038][T11391]  ? do_splice_direct+0x2a0/0x2a0
[  263.250062][T11391]  ? do_splice_direct+0x2a0/0x2a0
[  263.250077][T11391]  splice_from_pipe+0x108/0x170
[  263.250095][T11391]  ? splice_shrink_spd+0xd0/0xd0
[  263.250123][T11391]  default_file_splice_write+0x3c/0x90
[  263.250136][T11391]  ? generic_splice_sendpage+0x50/0x50
[  263.250151][T11391]  direct_splice_actor+0x126/0x1a0
[  263.250168][T11391]  splice_direct_to_actor+0x369/0x970
[  263.250185][T11391]  ? generic_pipe_buf_nosteal+0x10/0x10
[  263.250205][T11391]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.250218][T11391]  ? do_splice_to+0x190/0x190
[  263.250241][T11391]  ? rw_verify_area+0x118/0x360
[  263.287074][T11391]  do_splice_direct+0x1da/0x2a0
[  263.287093][T11391]  ? splice_direct_to_actor+0x970/0x970
[  263.287121][T11391]  ? rw_verify_area+0x118/0x360
[  263.287139][T11391]  do_sendfile+0x597/0xd00
[  263.287163][T11391]  ? do_compat_pwritev64+0x1c0/0x1c0
[  263.333583][T11391]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  263.345176][T11391]  ? _copy_from_user+0xdd/0x150
[  263.350046][T11391]  __x64_sys_sendfile64+0x15a/0x220
[  263.355256][T11391]  ? __ia32_sys_sendfile+0x230/0x230
[  263.360549][T11391]  ? do_syscall_64+0x26/0x610
[  263.360568][T11391]  ? lockdep_hardirqs_on+0x418/0x5d0
[  263.360586][T11391]  ? trace_hardirqs_on+0x67/0x230
[  263.360604][T11391]  do_syscall_64+0x103/0x610
[  263.360623][T11391]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.360635][T11391] RIP: 0033:0x457f29
[  263.360651][T11391] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  263.360659][T11391] RSP: 002b:00007f45b2836c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  263.360674][T11391] RAX: ffffffffffffffda RBX: 00007f45b2836c90 RCX: 0000000000457f29
[  263.360683][T11391] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  263.360692][T11391] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  263.360700][T11391] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28376d4
[  263.360707][T11391] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  263.370452][T11391] Bluetooth: Can't register HCI device
[  263.386019][T11401] CPU: 0 PID: 11401 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  263.390751][T11401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.390758][T11401] Call Trace:
[  263.390782][T11401]  dump_stack+0x172/0x1f0
[  263.390802][T11401]  should_fail.cold+0xa/0x15
[  263.390819][T11401]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  263.390838][T11401]  ? ___might_sleep+0x163/0x280
[  263.390857][T11401]  __should_failslab+0x121/0x190
[  263.390873][T11401]  should_failslab+0x9/0x14
[  263.390888][T11401]  kmem_cache_alloc_node+0x264/0x710
[  263.390911][T11401]  __alloc_skb+0xd5/0x5e0
[  263.390926][T11401]  ? skb_trim+0x190/0x190
[  263.390945][T11401]  ? find_get_entry+0x535/0x880
[  263.390967][T11401]  vhci_write+0xc4/0x470
[  263.419001][T11401]  new_sync_write+0x4c7/0x760
[  263.419021][T11401]  ? default_llseek+0x2e0/0x2e0
[  263.419047][T11401]  ? copy_page_to_iter+0x4e7/0xd60
[  263.419067][T11401]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.419088][T11401]  ? put_page+0xce/0x130
18:25:16 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10834, 0x2)

[  263.473573][T11401]  __vfs_write+0xe4/0x110
[  263.473594][T11401]  __kernel_write+0x110/0x3b0
[  263.473612][T11401]  write_pipe_buf+0x15d/0x1f0
[  263.473635][T11401]  ? aa_file_perm+0x432/0xeb0
[  263.486995][T11401]  ? do_splice_direct+0x2a0/0x2a0
[  263.501735][T11401]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.511508][T11401]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  263.511525][T11401]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.511549][T11401]  __splice_from_pipe+0x395/0x7d0
[  263.525697][T11401]  ? do_splice_direct+0x2a0/0x2a0
[  263.534918][T11401]  ? do_splice_direct+0x2a0/0x2a0
[  263.534949][T11401]  splice_from_pipe+0x108/0x170
[  263.543843][T11401]  ? splice_shrink_spd+0xd0/0xd0
[  263.543875][T11401]  default_file_splice_write+0x3c/0x90
[  263.543895][T11401]  ? generic_splice_sendpage+0x50/0x50
[  263.553854][T11401]  direct_splice_actor+0x126/0x1a0
[  263.553872][T11401]  splice_direct_to_actor+0x369/0x970
[  263.553889][T11401]  ? generic_pipe_buf_nosteal+0x10/0x10
18:25:16 executing program 0 (fault-call:5 fault-nth:24):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:16 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000280)=0x1f)

[  263.553909][T11401]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.553930][T11401]  ? do_splice_to+0x190/0x190
[  263.564388][T11401]  ? rw_verify_area+0x118/0x360
[  263.564400][T11401]  do_splice_direct+0x1da/0x2a0
[  263.564409][T11401]  ? splice_direct_to_actor+0x970/0x970
[  263.564422][T11401]  ? rw_verify_area+0x118/0x360
[  263.564432][T11401]  do_sendfile+0x597/0xd00
[  263.564446][T11401]  ? do_compat_pwritev64+0x1c0/0x1c0
[  263.564474][T11401]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  263.564502][T11401]  ? _copy_from_user+0xdd/0x150
18:25:17 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5000000, 0x2)

18:25:17 executing program 2 (fault-call:5 fault-nth:3):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  263.564531][T11401]  __x64_sys_sendfile64+0x15a/0x220
[  263.564551][T11401]  ? __ia32_sys_sendfile+0x230/0x230
[  263.564572][T11401]  ? do_syscall_64+0x26/0x610
[  263.564582][T11401]  ? lockdep_hardirqs_on+0x418/0x5d0
[  263.564592][T11401]  ? trace_hardirqs_on+0x67/0x230
[  263.564613][T11401]  do_syscall_64+0x103/0x610
[  263.564643][T11401]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  263.564661][T11401] RIP: 0033:0x457f29
[  263.564690][T11401] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  263.564704][T11401] RSP: 002b:00007f30489dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  263.564731][T11401] RAX: ffffffffffffffda RBX: 00007f30489dcc90 RCX: 0000000000457f29
[  263.564736][T11401] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  263.564750][T11401] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  263.564764][T11401] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489dd6d4
18:25:17 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6000000, 0x2)

[  263.564770][T11401] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  263.823229][T11426] FAULT_INJECTION: forcing a failure.
[  263.823229][T11426] name failslab, interval 1, probability 0, space 0, times 0
[  263.838552][T11426] CPU: 0 PID: 11426 Comm: syz-executor.0 Not tainted 5.0.0-next-20190306 #4
[  263.840706][T11425] FAULT_INJECTION: forcing a failure.
[  263.840706][T11425] name failslab, interval 1, probability 0, space 0, times 0
[  263.847254][T11426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  263.847261][T11426] Call Trace:
[  263.847298][T11426]  dump_stack+0x172/0x1f0
[  263.847325][T11426]  should_fail.cold+0xa/0x15
[  263.869969][T11426]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  263.869989][T11426]  ? ___might_sleep+0x163/0x280
[  263.870009][T11426]  __should_failslab+0x121/0x190
[  263.870026][T11426]  should_failslab+0x9/0x14
[  263.870050][T11426]  kmem_cache_alloc_trace+0x2d1/0x760
[  263.870069][T11426]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.870083][T11426]  ? refcount_inc_checked+0x2b/0x70
[  263.870107][T11426]  device_add+0xfdc/0x18a0
[  263.882273][T11426]  ? device_initialize+0x440/0x440
[  263.882303][T11426]  ? get_device_parent.isra.0+0x570/0x570
[  263.882329][T11426]  hci_register_dev+0x2e8/0x860
[  263.882350][T11426]  __vhci_create_device+0x2d0/0x5a0
[  263.882367][T11426]  vhci_write+0x2d0/0x470
[  263.882389][T11426]  new_sync_write+0x4c7/0x760
[  263.902526][T11426]  ? default_llseek+0x2e0/0x2e0
[  263.902546][T11426]  ? copy_page_to_iter+0x4e7/0xd60
[  263.902567][T11426]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.902582][T11426]  ? put_page+0xce/0x130
[  263.902607][T11426]  __vfs_write+0xe4/0x110
[  263.914242][T11426]  __kernel_write+0x110/0x3b0
[  263.914264][T11426]  write_pipe_buf+0x15d/0x1f0
[  263.914281][T11426]  ? aa_file_perm+0x432/0xeb0
[  263.914302][T11426]  ? do_splice_direct+0x2a0/0x2a0
[  263.914324][T11426]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.934771][T11426]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  263.934797][T11426]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  263.934826][T11426]  __splice_from_pipe+0x395/0x7d0
[  263.934842][T11426]  ? do_splice_direct+0x2a0/0x2a0
[  263.934862][T11426]  ? do_splice_direct+0x2a0/0x2a0
[  263.954150][T11426]  splice_from_pipe+0x108/0x170
[  263.954176][T11426]  ? splice_shrink_spd+0xd0/0xd0
[  263.954218][T11426]  default_file_splice_write+0x3c/0x90
[  263.974717][T11426]  ? generic_splice_sendpage+0x50/0x50
[  263.974737][T11426]  direct_splice_actor+0x126/0x1a0
[  263.974756][T11426]  splice_direct_to_actor+0x369/0x970
[  263.974774][T11426]  ? generic_pipe_buf_nosteal+0x10/0x10
[  263.974799][T11426]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  263.993307][T11426]  ? do_splice_to+0x190/0x190
[  263.993329][T11426]  ? rw_verify_area+0x118/0x360
[  263.993348][T11426]  do_splice_direct+0x1da/0x2a0
[  263.993365][T11426]  ? splice_direct_to_actor+0x970/0x970
[  263.993388][T11426]  ? rw_verify_area+0x118/0x360
[  264.004661][T11426]  do_sendfile+0x597/0xd00
[  264.004691][T11426]  ? do_compat_pwritev64+0x1c0/0x1c0
[  264.004713][T11426]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  264.004734][T11426]  ? _copy_from_user+0xdd/0x150
[  264.022242][T11426]  __x64_sys_sendfile64+0x15a/0x220
[  264.022259][T11426]  ? __ia32_sys_sendfile+0x230/0x230
[  264.022276][T11426]  ? do_syscall_64+0x26/0x610
[  264.022299][T11426]  ? lockdep_hardirqs_on+0x418/0x5d0
[  264.022321][T11426]  ? trace_hardirqs_on+0x67/0x230
[  264.037194][T11426]  do_syscall_64+0x103/0x610
[  264.037217][T11426]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.037229][T11426] RIP: 0033:0x457f29
[  264.037245][T11426] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.037260][T11426] RSP: 002b:00007f45b2815c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  264.053206][T11426] RAX: ffffffffffffffda RBX: 00007f45b2815c90 RCX: 0000000000457f29
[  264.053216][T11426] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  264.053225][T11426] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  264.053234][T11426] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f45b28166d4
[  264.053242][T11426] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  264.079859][T11425] CPU: 1 PID: 11425 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  264.090743][T11425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.101222][T11425] Call Trace:
[  264.101249][T11425]  dump_stack+0x172/0x1f0
[  264.101268][T11425]  should_fail.cold+0xa/0x15
[  264.101283][T11425]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  264.101301][T11425]  ? ___might_sleep+0x163/0x280
[  264.101318][T11425]  __should_failslab+0x121/0x190
[  264.101333][T11425]  should_failslab+0x9/0x14
[  264.101349][T11425]  kmem_cache_alloc_node_trace+0x270/0x720
[  264.101376][T11425]  __kmalloc_node_track_caller+0x3d/0x70
[  264.101395][T11425]  __kmalloc_reserve.isra.0+0x40/0xf0
[  264.101414][T11425]  __alloc_skb+0x10b/0x5e0
[  264.117446][T11425]  ? skb_trim+0x190/0x190
[  264.127478][T11425]  ? find_get_entry+0x535/0x880
[  264.147756][T11425]  vhci_write+0xc4/0x470
[  264.158323][T11425]  new_sync_write+0x4c7/0x760
[  264.282150][T11426] Bluetooth: Can't register HCI device
[  264.282733][T11425]  ? default_llseek+0x2e0/0x2e0
[  264.294189][T11425]  ? copy_page_to_iter+0x4e7/0xd60
[  264.294209][T11425]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  264.294223][T11425]  ? put_page+0xce/0x130
[  264.294251][T11425]  __vfs_write+0xe4/0x110
[  264.294268][T11425]  __kernel_write+0x110/0x3b0
[  264.294288][T11425]  write_pipe_buf+0x15d/0x1f0
[  264.294303][T11425]  ? aa_file_perm+0x432/0xeb0
18:25:17 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
socket$alg(0x26, 0x5, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

[  264.294317][T11425]  ? do_splice_direct+0x2a0/0x2a0
[  264.294331][T11425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  264.294345][T11425]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  264.294365][T11425]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  264.308445][T11425]  __splice_from_pipe+0x395/0x7d0
[  264.308462][T11425]  ? do_splice_direct+0x2a0/0x2a0
[  264.308485][T11425]  ? do_splice_direct+0x2a0/0x2a0
[  264.322233][T11425]  splice_from_pipe+0x108/0x170
[  264.322253][T11425]  ? splice_shrink_spd+0xd0/0xd0
18:25:17 executing program 2 (fault-call:5 fault-nth:4):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  264.322279][T11425]  default_file_splice_write+0x3c/0x90
[  264.337755][T11425]  ? generic_splice_sendpage+0x50/0x50
[  264.337774][T11425]  direct_splice_actor+0x126/0x1a0
[  264.337799][T11425]  splice_direct_to_actor+0x369/0x970
[  264.352716][T11425]  ? generic_pipe_buf_nosteal+0x10/0x10
[  264.352737][T11425]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  264.352750][T11425]  ? do_splice_to+0x190/0x190
[  264.352769][T11425]  ? rw_verify_area+0x118/0x360
[  264.352786][T11425]  do_splice_direct+0x1da/0x2a0
[  264.352811][T11425]  ? splice_direct_to_actor+0x970/0x970
[  264.352834][T11425]  ? rw_verify_area+0x118/0x360
[  264.352852][T11425]  do_sendfile+0x597/0xd00
[  264.352876][T11425]  ? do_compat_pwritev64+0x1c0/0x1c0
[  264.367678][T11425]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  264.378916][T11425]  ? _copy_from_user+0xdd/0x150
[  264.378936][T11425]  __x64_sys_sendfile64+0x15a/0x220
[  264.378951][T11425]  ? __ia32_sys_sendfile+0x230/0x230
[  264.378965][T11425]  ? do_syscall_64+0x26/0x610
[  264.378982][T11425]  ? lockdep_hardirqs_on+0x418/0x5d0
18:25:17 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10835, 0x2)

[  264.378998][T11425]  ? trace_hardirqs_on+0x67/0x230
[  264.379015][T11425]  do_syscall_64+0x103/0x610
[  264.379046][T11425]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.379058][T11425] RIP: 0033:0x457f29
[  264.379072][T11425] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.379078][T11425] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:25:17 executing program 0 (fault-call:5 fault-nth:25):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

[  264.379100][T11425] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  264.392100][T11425] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  264.392109][T11425] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  264.392117][T11425] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  264.392125][T11425] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  264.502478][T11438] FAULT_INJECTION: forcing a failure.
[  264.502478][T11438] name failslab, interval 1, probability 0, space 0, times 0
[  264.630405][T11438] CPU: 1 PID: 11438 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  264.639125][T11438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  264.649188][T11438] Call Trace:
[  264.652499][T11438]  dump_stack+0x172/0x1f0
[  264.656844][T11438]  should_fail.cold+0xa/0x15
[  264.661444][T11438]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  264.667742][T11438]  ? ___might_sleep+0x163/0x280
[  264.672613][T11438]  __should_failslab+0x121/0x190
[  264.677562][T11438]  should_failslab+0x9/0x14
[  264.682079][T11438]  kmem_cache_alloc_node+0x264/0x710
[  264.687382][T11438]  __alloc_skb+0xd5/0x5e0
[  264.691722][T11438]  ? skb_trim+0x190/0x190
[  264.696064][T11438]  ? vhci_write+0x2b3/0x470
[  264.700578][T11438]  ? rcu_read_lock_sched_held+0x110/0x130
[  264.706312][T11438]  ? kmem_cache_free+0x225/0x260
[  264.706334][T11438]  __vhci_create_device+0x88/0x5a0
[  264.706352][T11438]  vhci_write+0x2d0/0x470
[  264.706375][T11438]  new_sync_write+0x4c7/0x760
[  264.725409][T11438]  ? default_llseek+0x2e0/0x2e0
[  264.730272][T11438]  ? copy_page_to_iter+0x4e7/0xd60
[  264.735408][T11438]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  264.741661][T11438]  ? put_page+0xce/0x130
[  264.745925][T11438]  __vfs_write+0xe4/0x110
[  264.745945][T11438]  __kernel_write+0x110/0x3b0
[  264.745966][T11438]  write_pipe_buf+0x15d/0x1f0
[  264.760020][T11438]  ? aa_file_perm+0x432/0xeb0
[  264.760048][T11438]  ? do_splice_direct+0x2a0/0x2a0
18:25:17 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x10001)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="ffc0c70e800b33c4341bbf679797d1170100c5c4108d5e0bdecad0"], 0x2)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000040)={0x100000001, 0x100, 0x10000, 0x5, 0x4, 0x3})
sendfile(r0, r1, 0x0, 0x102)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)=<r2=>0x0)
ioprio_set$pid(0x2, r2, 0x100000000)

[  264.760067][T11438]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  264.760080][T11438]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  264.760094][T11438]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  264.760110][T11438]  __splice_from_pipe+0x395/0x7d0
[  264.760125][T11438]  ? do_splice_direct+0x2a0/0x2a0
[  264.760146][T11438]  ? do_splice_direct+0x2a0/0x2a0
[  264.760160][T11438]  splice_from_pipe+0x108/0x170
[  264.760180][T11438]  ? splice_shrink_spd+0xd0/0xd0
[  264.770443][T11438]  default_file_splice_write+0x3c/0x90
[  264.770458][T11438]  ? generic_splice_sendpage+0x50/0x50
[  264.770474][T11438]  direct_splice_actor+0x126/0x1a0
[  264.770491][T11438]  splice_direct_to_actor+0x369/0x970
[  264.770509][T11438]  ? generic_pipe_buf_nosteal+0x10/0x10
[  264.770529][T11438]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  264.770542][T11438]  ? do_splice_to+0x190/0x190
[  264.770568][T11438]  ? rw_verify_area+0x118/0x360
[  264.856561][T11438]  do_splice_direct+0x1da/0x2a0
[  264.861430][T11438]  ? splice_direct_to_actor+0x970/0x970
[  264.867498][T11438]  ? rw_verify_area+0x118/0x360
[  264.872368][T11438]  do_sendfile+0x597/0xd00
[  264.876786][T11438]  ? do_compat_pwritev64+0x1c0/0x1c0
[  264.882203][T11438]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  264.888561][T11438]  ? _copy_from_user+0xdd/0x150
[  264.893399][T11438]  __x64_sys_sendfile64+0x15a/0x220
[  264.898606][T11438]  ? __ia32_sys_sendfile+0x230/0x230
[  264.903885][T11438]  ? do_syscall_64+0x26/0x610
[  264.908706][T11438]  ? lockdep_hardirqs_on+0x418/0x5d0
[  264.913995][T11438]  ? trace_hardirqs_on+0x67/0x230
[  264.919132][T11438]  do_syscall_64+0x103/0x610
[  264.923818][T11438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  264.929810][T11438] RIP: 0033:0x457f29
[  264.933708][T11438] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  264.953320][T11438] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  264.961754][T11438] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
18:25:18 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7000000, 0x2)

[  264.970644][T11438] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  264.978643][T11438] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  264.986599][T11438] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  264.994560][T11438] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:18 executing program 2 (fault-call:5 fault-nth:5):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:18 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:18 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10836, 0x2)

18:25:18 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x4401, 0x0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:18 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x8000000, 0x2)

[  265.159189][T11464] FAULT_INJECTION: forcing a failure.
[  265.159189][T11464] name failslab, interval 1, probability 0, space 0, times 0
[  265.245780][T11464] CPU: 1 PID: 11464 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  265.254515][T11464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  265.254523][T11464] Call Trace:
[  265.254551][T11464]  dump_stack+0x172/0x1f0
[  265.254572][T11464]  should_fail.cold+0xa/0x15
[  265.254592][T11464]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  265.254613][T11464]  ? ___might_sleep+0x163/0x280
[  265.254635][T11464]  __should_failslab+0x121/0x190
[  265.254655][T11464]  should_failslab+0x9/0x14
[  265.254673][T11464]  kmem_cache_alloc_node_trace+0x270/0x720
[  265.254701][T11464]  __kmalloc_node_track_caller+0x3d/0x70
[  265.254719][T11464]  __kmalloc_reserve.isra.0+0x40/0xf0
[  265.254738][T11464]  __alloc_skb+0x10b/0x5e0
[  265.254756][T11464]  ? skb_trim+0x190/0x190
[  265.254770][T11464]  ? vhci_write+0x2b3/0x470
[  265.254786][T11464]  ? rcu_read_lock_sched_held+0x110/0x130
[  265.254812][T11464]  ? kmem_cache_free+0x225/0x260
[  265.254834][T11464]  __vhci_create_device+0x88/0x5a0
[  265.314939][T11464]  vhci_write+0x2d0/0x470
[  265.338826][T11464]  new_sync_write+0x4c7/0x760
[  265.338845][T11464]  ? default_llseek+0x2e0/0x2e0
[  265.338867][T11464]  ? copy_page_to_iter+0x4e7/0xd60
[  265.348309][T11464]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  265.348325][T11464]  ? put_page+0xce/0x130
[  265.348352][T11464]  __vfs_write+0xe4/0x110
[  265.370085][T11464]  __kernel_write+0x110/0x3b0
[  265.370104][T11464]  write_pipe_buf+0x15d/0x1f0
[  265.370119][T11464]  ? aa_file_perm+0x432/0xeb0
[  265.370132][T11464]  ? do_splice_direct+0x2a0/0x2a0
[  265.370148][T11464]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  265.370161][T11464]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  265.370174][T11464]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  265.370193][T11464]  __splice_from_pipe+0x395/0x7d0
[  265.370206][T11464]  ? do_splice_direct+0x2a0/0x2a0
[  265.370226][T11464]  ? do_splice_direct+0x2a0/0x2a0
[  265.383475][T11464]  splice_from_pipe+0x108/0x170
[  265.383496][T11464]  ? splice_shrink_spd+0xd0/0xd0
[  265.393357][T11464]  default_file_splice_write+0x3c/0x90
[  265.393371][T11464]  ? generic_splice_sendpage+0x50/0x50
[  265.393385][T11464]  direct_splice_actor+0x126/0x1a0
[  265.393402][T11464]  splice_direct_to_actor+0x369/0x970
[  265.393418][T11464]  ? generic_pipe_buf_nosteal+0x10/0x10
[  265.393437][T11464]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  265.393450][T11464]  ? do_splice_to+0x190/0x190
[  265.393469][T11464]  ? rw_verify_area+0x118/0x360
[  265.393486][T11464]  do_splice_direct+0x1da/0x2a0
[  265.393506][T11464]  ? splice_direct_to_actor+0x970/0x970
[  265.410834][T11464]  ? rw_verify_area+0x118/0x360
[  265.410853][T11464]  do_sendfile+0x597/0xd00
[  265.410877][T11464]  ? do_compat_pwritev64+0x1c0/0x1c0
[  265.410899][T11464]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  265.410918][T11464]  ? _copy_from_user+0xdd/0x150
[  265.422221][T11464]  __x64_sys_sendfile64+0x15a/0x220
[  265.422236][T11464]  ? __ia32_sys_sendfile+0x230/0x230
[  265.422251][T11464]  ? do_syscall_64+0x26/0x610
[  265.422265][T11464]  ? lockdep_hardirqs_on+0x418/0x5d0
[  265.422281][T11464]  ? trace_hardirqs_on+0x67/0x230
[  265.422297][T11464]  do_syscall_64+0x103/0x610
[  265.422316][T11464]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  265.422327][T11464] RIP: 0033:0x457f29
[  265.422344][T11464] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  265.422352][T11464] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:25:18 executing program 4:
r0 = socket$inet6(0xa, 0x6, 0x2b)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="efae623ec00f3accdf0eec14dd484e3ae07a69dbf3b1e5826a5c55c092a017e71bb462caf05e4444b00486816eb4597153ed68831eaa5f321e8ba3f3d60e5f96c37189eef922e977b9e214209811b15fcf8b96bde12bc23a66e6526d45"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000001c0)={<r2=>0x0, 0x5}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={r2, 0x800}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f00000000c0), 0x4)
setsockopt$inet_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={0x0, 0x100000001}, 0xfe92)

18:25:18 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
socket$alg(0x26, 0x5, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:18 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10837, 0x2)

18:25:18 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa000000, 0x2)

18:25:18 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10838, 0x2)

18:25:18 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

[  265.422366][T11464] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  265.422373][T11464] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  265.422382][T11464] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  265.422398][T11464] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  265.442204][T11464] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:18 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2, 0x2)

18:25:19 executing program 2 (fault-call:5 fault-nth:6):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:19 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10000000, 0x2)

18:25:19 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x1000000, 0x2)

18:25:19 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3, 0x2)

18:25:19 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhci\x00', 0x20000)
lseek(r0, 0x0, 0x3)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000000))

[  265.858859][T11513] FAULT_INJECTION: forcing a failure.
[  265.858859][T11513] name failslab, interval 1, probability 0, space 0, times 0
[  265.915516][T11513] CPU: 1 PID: 11513 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  265.924340][T11513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  265.934405][T11513] Call Trace:
[  265.937719][T11513]  dump_stack+0x172/0x1f0
[  265.942077][T11513]  should_fail.cold+0xa/0x15
[  265.946689][T11513]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  265.952596][T11513]  ? ___might_sleep+0x163/0x280
[  265.957459][T11513]  __should_failslab+0x121/0x190
[  265.962404][T11513]  should_failslab+0x9/0x14
[  265.962420][T11513]  kmem_cache_alloc_trace+0x2d1/0x760
[  265.962436][T11513]  ? skb_trim+0x190/0x190
[  265.962450][T11513]  ? vhci_write+0x2b3/0x470
[  265.962465][T11513]  ? rcu_read_lock_sched_held+0x110/0x130
[  265.962483][T11513]  hci_alloc_dev+0x43/0x1d00
[  265.962500][T11513]  __vhci_create_device+0x101/0x5a0
[  265.962516][T11513]  vhci_write+0x2d0/0x470
[  265.962536][T11513]  new_sync_write+0x4c7/0x760
[  265.962556][T11513]  ? default_llseek+0x2e0/0x2e0
[  266.011051][T11513]  ? copy_page_to_iter+0x4e7/0xd60
18:25:19 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000000, 0x2)

[  266.016181][T11513]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  266.022432][T11513]  ? put_page+0xce/0x130
[  266.026702][T11513]  __vfs_write+0xe4/0x110
[  266.031057][T11513]  __kernel_write+0x110/0x3b0
[  266.035753][T11513]  write_pipe_buf+0x15d/0x1f0
[  266.040452][T11513]  ? aa_file_perm+0x432/0xeb0
[  266.045144][T11513]  ? do_splice_direct+0x2a0/0x2a0
[  266.050166][T11513]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  266.056431][T11513]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  266.062490][T11513]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  266.068754][T11513]  __splice_from_pipe+0x395/0x7d0
[  266.074222][T11513]  ? do_splice_direct+0x2a0/0x2a0
[  266.079264][T11513]  ? do_splice_direct+0x2a0/0x2a0
[  266.084272][T11513]  splice_from_pipe+0x108/0x170
[  266.089129][T11513]  ? splice_shrink_spd+0xd0/0xd0
[  266.094099][T11513]  default_file_splice_write+0x3c/0x90
[  266.099550][T11513]  ? generic_splice_sendpage+0x50/0x50
[  266.104997][T11513]  direct_splice_actor+0x126/0x1a0
[  266.110114][T11513]  splice_direct_to_actor+0x369/0x970
[  266.115513][T11513]  ? generic_pipe_buf_nosteal+0x10/0x10
[  266.121072][T11513]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  266.127487][T11513]  ? do_splice_to+0x190/0x190
[  266.132255][T11513]  ? rw_verify_area+0x118/0x360
[  266.137131][T11513]  do_splice_direct+0x1da/0x2a0
[  266.141989][T11513]  ? splice_direct_to_actor+0x970/0x970
[  266.147538][T11513]  ? rw_verify_area+0x118/0x360
[  266.152392][T11513]  do_sendfile+0x597/0xd00
[  266.156845][T11513]  ? do_compat_pwritev64+0x1c0/0x1c0
[  266.162121][T11513]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  266.168347][T11513]  ? _copy_from_user+0xdd/0x150
[  266.173606][T11513]  __x64_sys_sendfile64+0x15a/0x220
[  266.178888][T11513]  ? __ia32_sys_sendfile+0x230/0x230
[  266.184157][T11513]  ? do_syscall_64+0x26/0x610
[  266.188824][T11513]  ? lockdep_hardirqs_on+0x418/0x5d0
[  266.194107][T11513]  ? trace_hardirqs_on+0x67/0x230
[  266.199134][T11513]  do_syscall_64+0x103/0x610
[  266.203730][T11513]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.209631][T11513] RIP: 0033:0x457f29
[  266.213626][T11513] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  266.233328][T11513] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  266.241757][T11513] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  266.249729][T11513] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  266.257712][T11513] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:19 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x20000000, 0x2)

[  266.266043][T11513] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  266.275237][T11513] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:19 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4, 0x2)

18:25:19 executing program 2 (fault-call:5 fault-nth:7):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:19 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2040000, 0x2)

18:25:19 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:19 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="fbc05cc4dcd34824c98bee62e8abdd96606566048f94a41e2fa26cfedc4a04ab7c78f957b3b0c40a590a1636672a32b6bf66ac8c62730a111ad263cf79d738e7a4bc78e18f978ae76bd4271d9c436b3750eb6531ee7fdb3c09a665d8"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:19 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e000000, 0x2)

[  266.474861][T11544] FAULT_INJECTION: forcing a failure.
[  266.474861][T11544] name failslab, interval 1, probability 0, space 0, times 0
[  266.549312][T11544] CPU: 0 PID: 11544 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  266.558052][T11544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  266.568114][T11544] Call Trace:
[  266.568144][T11544]  dump_stack+0x172/0x1f0
[  266.568169][T11544]  should_fail.cold+0xa/0x15
[  266.568191][T11544]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  266.568215][T11544]  ? ___might_sleep+0x163/0x280
[  266.568237][T11544]  __should_failslab+0x121/0x190
[  266.568267][T11544]  should_failslab+0x9/0x14
[  266.580460][T11544]  __kmalloc+0x2dc/0x740
[  266.580485][T11544]  ? alloc_workqueue+0x13c/0xe70
[  266.580504][T11544]  alloc_workqueue+0x13c/0xe70
[  266.580525][T11544]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  266.580541][T11544]  ? scnprintf+0x140/0x140
[  266.580561][T11544]  ? __init_waitqueue_head+0x36/0x90
[  266.580584][T11544]  hci_register_dev+0x1b8/0x860
[  266.580599][T11544]  ? hci_init_sysfs+0x7c/0xa0
[  266.580620][T11544]  __vhci_create_device+0x2d0/0x5a0
[  266.580638][T11544]  vhci_write+0x2d0/0x470
[  266.580657][T11544]  new_sync_write+0x4c7/0x760
[  266.580686][T11544]  ? default_llseek+0x2e0/0x2e0
[  266.659125][T11544]  ? copy_page_to_iter+0x4e7/0xd60
[  266.664282][T11544]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  266.670934][T11544]  ? put_page+0xce/0x130
[  266.675306][T11544]  __vfs_write+0xe4/0x110
[  266.679681][T11544]  __kernel_write+0x110/0x3b0
[  266.684458][T11544]  write_pipe_buf+0x15d/0x1f0
[  266.689358][T11544]  ? aa_file_perm+0x432/0xeb0
[  266.694084][T11544]  ? do_splice_direct+0x2a0/0x2a0
[  266.699229][T11544]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  266.706229][T11544]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  266.712593][T11544]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  266.718897][T11544]  __splice_from_pipe+0x395/0x7d0
[  266.723959][T11544]  ? do_splice_direct+0x2a0/0x2a0
[  266.723982][T11544]  ? do_splice_direct+0x2a0/0x2a0
[  266.723997][T11544]  splice_from_pipe+0x108/0x170
[  266.724017][T11544]  ? splice_shrink_spd+0xd0/0xd0
[  266.734475][T11544]  default_file_splice_write+0x3c/0x90
[  266.734491][T11544]  ? generic_splice_sendpage+0x50/0x50
[  266.734514][T11544]  direct_splice_actor+0x126/0x1a0
[  266.760334][T11544]  splice_direct_to_actor+0x369/0x970
[  266.765729][T11544]  ? generic_pipe_buf_nosteal+0x10/0x10
[  266.771354][T11544]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  266.777623][T11544]  ? do_splice_to+0x190/0x190
[  266.782326][T11544]  ? rw_verify_area+0x118/0x360
[  266.787191][T11544]  do_splice_direct+0x1da/0x2a0
[  266.792067][T11544]  ? splice_direct_to_actor+0x970/0x970
[  266.797750][T11544]  ? rw_verify_area+0x118/0x360
[  266.802619][T11544]  do_sendfile+0x597/0xd00
[  266.807088][T11544]  ? do_compat_pwritev64+0x1c0/0x1c0
[  266.812403][T11544]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  266.818674][T11544]  ? _copy_from_user+0xdd/0x150
[  266.823538][T11544]  __x64_sys_sendfile64+0x15a/0x220
[  266.828758][T11544]  ? __ia32_sys_sendfile+0x230/0x230
[  266.834095][T11544]  ? do_syscall_64+0x26/0x610
[  266.834114][T11544]  ? lockdep_hardirqs_on+0x418/0x5d0
[  266.834144][T11544]  ? trace_hardirqs_on+0x67/0x230
18:25:19 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5, 0x2)

18:25:19 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:20 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6, 0x2)

18:25:20 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7, 0x2)

18:25:20 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f000000, 0x2)

[  266.834168][T11544]  do_syscall_64+0x103/0x610
[  266.844173][T11544]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  266.844186][T11544] RIP: 0033:0x457f29
[  266.844205][T11544] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  266.844220][T11544] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:25:20 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3000000, 0x2)

[  266.883350][T11544] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  266.883359][T11544] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  266.883367][T11544] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  266.883376][T11544] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  266.883384][T11544] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  266.892554][T11544] Bluetooth: Can't register HCI device
18:25:20 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="0300000078580d5e92893da6035b5c9dc9514bda939810c18882a5ab65565881f88eb99d1787"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000040)={0x9, 0x6, 0xffff})

18:25:20 executing program 2 (fault-call:5 fault-nth:8):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:20 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x8, 0x2)

18:25:20 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x40000000, 0x2)

18:25:20 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000000, 0x2)

18:25:20 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000340)={<r1=>0x0, 0xc7, "93715337c65ca5c1ba89f1a8ae3f69947f062e5b2223808dd926a82f7d1fcb78d199c1820789174cce51f2fc4f993bf3efc5fd292ad04ab62eefe98f33402f616215b989114ae96fece965b1d0ba531990adcf9cdbbd3d08b73646790d64888a5593b6d56ac6dfabed16fee72931fa92eb6027e0c6a5ef9b71acaa7f7d8686ec27d928197baea097d5d248812a31f5fcb53d2df02a030d76fd4df69b23630db5f76fc06b7ed025db4d8bd6488aca4f1a5b13cb9a21c1d5502268742289964dd3801d3442c3bc6c"}, &(0x7f0000000100)=0xcf)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r1, 0x4}, 0x8)
r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20ncci\x00', 0x204000, 0x0)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x448000, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f00000001c0)={0x1, 0x8000})
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r3, 0xc0305615, &(0x7f0000000040)={0x0, {0xad, 0x71}})
close(r2)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r4, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000200)=""/103)
sendfile(r0, r4, 0x0, 0x2)

[  267.191507][T11595] FAULT_INJECTION: forcing a failure.
[  267.191507][T11595] name failslab, interval 1, probability 0, space 0, times 0
[  267.220932][T11595] CPU: 0 PID: 11595 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  267.229688][T11595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  267.239757][T11595] Call Trace:
[  267.239788][T11595]  dump_stack+0x172/0x1f0
[  267.239814][T11595]  should_fail.cold+0xa/0x15
[  267.239832][T11595]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  267.239862][T11595]  ? ___might_sleep+0x163/0x280
[  267.258602][T11595]  __should_failslab+0x121/0x190
[  267.258634][T11595]  should_failslab+0x9/0x14
[  267.258657][T11595]  kmem_cache_alloc_trace+0x2d1/0x760
[  267.278391][T11595]  ? rcu_read_lock_sched_held+0x110/0x130
[  267.284129][T11595]  ? __kmalloc+0x5d5/0x740
[  267.288567][T11595]  alloc_workqueue_attrs+0x82/0x120
[  267.293789][T11595]  alloc_workqueue+0x166/0xe70
[  267.298657][T11595]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  267.298675][T11595]  ? scnprintf+0x140/0x140
[  267.298696][T11595]  ? __init_waitqueue_head+0x36/0x90
[  267.298719][T11595]  hci_register_dev+0x1b8/0x860
[  267.318972][T11595]  ? hci_init_sysfs+0x7c/0xa0
[  267.318997][T11595]  __vhci_create_device+0x2d0/0x5a0
[  267.319014][T11595]  vhci_write+0x2d0/0x470
[  267.319045][T11595]  new_sync_write+0x4c7/0x760
18:25:20 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x48000000, 0x2)

[  267.319065][T11595]  ? default_llseek+0x2e0/0x2e0
[  267.342804][T11595]  ? copy_page_to_iter+0x4e7/0xd60
[  267.347946][T11595]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  267.354229][T11595]  ? put_page+0xce/0x130
[  267.358497][T11595]  __vfs_write+0xe4/0x110
[  267.362842][T11595]  __kernel_write+0x110/0x3b0
[  267.367544][T11595]  write_pipe_buf+0x15d/0x1f0
[  267.372338][T11595]  ? aa_file_perm+0x432/0xeb0
[  267.377045][T11595]  ? do_splice_direct+0x2a0/0x2a0
[  267.382086][T11595]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  267.382117][T11595]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  267.382138][T11595]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  267.382164][T11595]  __splice_from_pipe+0x395/0x7d0
[  267.382188][T11595]  ? do_splice_direct+0x2a0/0x2a0
[  267.394779][T11595]  ? do_splice_direct+0x2a0/0x2a0
[  267.394806][T11595]  splice_from_pipe+0x108/0x170
[  267.394823][T11595]  ? splice_shrink_spd+0xd0/0xd0
[  267.394863][T11595]  default_file_splice_write+0x3c/0x90
[  267.394885][T11595]  ? generic_splice_sendpage+0x50/0x50
[  267.394910][T11595]  direct_splice_actor+0x126/0x1a0
[  267.442481][T11595]  splice_direct_to_actor+0x369/0x970
[  267.447880][T11595]  ? generic_pipe_buf_nosteal+0x10/0x10
[  267.453482][T11595]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  267.459746][T11595]  ? do_splice_to+0x190/0x190
[  267.464425][T11595]  ? rw_verify_area+0x118/0x360
[  267.469979][T11595]  do_splice_direct+0x1da/0x2a0
[  267.474832][T11595]  ? splice_direct_to_actor+0x970/0x970
[  267.480397][T11595]  ? rw_verify_area+0x118/0x360
[  267.485379][T11595]  do_sendfile+0x597/0xd00
[  267.489795][T11595]  ? do_compat_pwritev64+0x1c0/0x1c0
[  267.495089][T11595]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  267.501335][T11595]  ? _copy_from_user+0xdd/0x150
[  267.506198][T11595]  __x64_sys_sendfile64+0x15a/0x220
[  267.511728][T11595]  ? __ia32_sys_sendfile+0x230/0x230
[  267.517011][T11595]  ? do_syscall_64+0x26/0x610
[  267.521684][T11595]  ? lockdep_hardirqs_on+0x418/0x5d0
[  267.527069][T11595]  ? trace_hardirqs_on+0x67/0x230
[  267.532096][T11595]  do_syscall_64+0x103/0x610
[  267.536702][T11595]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
18:25:20 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:20 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa, 0x2)

18:25:20 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vhci\x00', 0x103ff)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f0000000140)={0xb, 0x10, 0xfa00, {&(0x7f0000000000), r2, 0x5}}, 0x18)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  267.542596][T11595] RIP: 0033:0x457f29
[  267.546492][T11595] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  267.566095][T11595] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  267.574515][T11595] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  267.582492][T11595] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
18:25:20 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5000000, 0x2)

18:25:20 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c000000, 0x2)

[  267.582501][T11595] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  267.582509][T11595] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  267.582517][T11595] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  267.627101][T11595] Bluetooth: Can't register HCI device
18:25:21 executing program 2 (fault-call:5 fault-nth:9):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:21 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6000000, 0x2)

18:25:21 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x60000000, 0x2)

18:25:21 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000040)=0x3)
sendfile(r0, r1, 0x0, 0x2)
ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000000)=[0x2, 0x9])

18:25:21 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10, 0x2)

[  267.820799][T11638] FAULT_INJECTION: forcing a failure.
[  267.820799][T11638] name failslab, interval 1, probability 0, space 0, times 0
[  267.841424][T11638] CPU: 0 PID: 11638 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  267.850156][T11638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  267.860349][T11638] Call Trace:
[  267.863673][T11638]  dump_stack+0x172/0x1f0
[  267.868118][T11638]  should_fail.cold+0xa/0x15
[  267.872739][T11638]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  267.878565][T11638]  ? ___might_sleep+0x163/0x280
[  267.883510][T11638]  __should_failslab+0x121/0x190
[  267.888460][T11638]  should_failslab+0x9/0x14
[  267.892971][T11638]  __kmalloc_track_caller+0x2d8/0x740
[  267.898389][T11638]  ? pointer+0x910/0x910
[  267.902663][T11638]  ? set_precision+0x180/0x180
[  267.907417][T11638]  ? fs_reclaim_acquire.part.0+0x30/0x30
[  267.913330][T11638]  ? kasprintf+0xbb/0xf0
[  267.917591][T11638]  kvasprintf+0xc8/0x170
[  267.921856][T11638]  ? bust_spinlocks+0xe0/0xe0
[  267.926562][T11638]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  267.932288][T11638]  ? find_next_bit+0x107/0x130
[  267.937078][T11638]  kasprintf+0xbb/0xf0
[  267.937093][T11638]  ? kvasprintf_const+0x190/0x190
[  267.937118][T11638]  ? kasan_check_read+0x11/0x20
[  267.951145][T11638]  alloc_workqueue+0x442/0xe70
[  267.951172][T11638]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  267.951193][T11638]  ? __init_waitqueue_head+0x36/0x90
[  267.951217][T11638]  hci_register_dev+0x1b8/0x860
[  267.951232][T11638]  ? hci_init_sysfs+0x7c/0xa0
[  267.951254][T11638]  __vhci_create_device+0x2d0/0x5a0
[  267.951272][T11638]  vhci_write+0x2d0/0x470
[  267.951300][T11638]  new_sync_write+0x4c7/0x760
[  267.961780][T11638]  ? default_llseek+0x2e0/0x2e0
[  267.961799][T11638]  ? copy_page_to_iter+0x4e7/0xd60
[  267.961820][T11638]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  267.961834][T11638]  ? put_page+0xce/0x130
[  267.961860][T11638]  __vfs_write+0xe4/0x110
[  267.961877][T11638]  __kernel_write+0x110/0x3b0
18:25:21 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e, 0x2)

[  267.961894][T11638]  write_pipe_buf+0x15d/0x1f0
[  267.961910][T11638]  ? aa_file_perm+0x432/0xeb0
[  267.961923][T11638]  ? do_splice_direct+0x2a0/0x2a0
[  267.961937][T11638]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  267.961950][T11638]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  267.961965][T11638]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  267.961984][T11638]  __splice_from_pipe+0x395/0x7d0
[  267.986279][T11638]  ? do_splice_direct+0x2a0/0x2a0
[  267.986310][T11638]  ? do_splice_direct+0x2a0/0x2a0
[  267.986325][T11638]  splice_from_pipe+0x108/0x170
[  267.986348][T11638]  ? splice_shrink_spd+0xd0/0xd0
[  268.001099][T11638]  default_file_splice_write+0x3c/0x90
[  268.001117][T11638]  ? generic_splice_sendpage+0x50/0x50
[  268.001134][T11638]  direct_splice_actor+0x126/0x1a0
[  268.001150][T11638]  splice_direct_to_actor+0x369/0x970
[  268.001167][T11638]  ? generic_pipe_buf_nosteal+0x10/0x10
[  268.001187][T11638]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  268.001206][T11638]  ? do_splice_to+0x190/0x190
18:25:21 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7000000, 0x2)

[  268.011719][T11638]  ? rw_verify_area+0x118/0x360
[  268.011741][T11638]  do_splice_direct+0x1da/0x2a0
[  268.011759][T11638]  ? splice_direct_to_actor+0x970/0x970
[  268.011788][T11638]  ? rw_verify_area+0x118/0x360
[  268.020797][T11638]  do_sendfile+0x597/0xd00
[  268.020824][T11638]  ? do_compat_pwritev64+0x1c0/0x1c0
[  268.020847][T11638]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  268.020861][T11638]  ? _copy_from_user+0xdd/0x150
[  268.020876][T11638]  __x64_sys_sendfile64+0x15a/0x220
[  268.020891][T11638]  ? __ia32_sys_sendfile+0x230/0x230
[  268.020905][T11638]  ? do_syscall_64+0x26/0x610
[  268.020929][T11638]  ? lockdep_hardirqs_on+0x418/0x5d0
[  268.030281][T11638]  ? trace_hardirqs_on+0x67/0x230
[  268.030311][T11638]  do_syscall_64+0x103/0x610
[  268.030332][T11638]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  268.030344][T11638] RIP: 0033:0x457f29
[  268.030358][T11638] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:21 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:21 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x68000000, 0x2)

[  268.030365][T11638] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  268.041756][T11638] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  268.041765][T11638] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  268.041772][T11638] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  268.041779][T11638] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  268.041788][T11638] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:21 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x48, 0x2)

18:25:21 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x8000000, 0x2)

18:25:21 executing program 2 (fault-call:5 fault-nth:10):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:21 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000000)={0xfffffffffffffff7, 0x4, 0x1, 0x0, 0x0, [], [], [], 0xfffffffffffffff8, 0xfffffffffffffffb})
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:21 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c000000, 0x2)

18:25:21 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c, 0x2)

18:25:21 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10000000, 0x2)

[  268.569957][T11687] FAULT_INJECTION: forcing a failure.
[  268.569957][T11687] name failslab, interval 1, probability 0, space 0, times 0
[  268.630467][T11687] CPU: 1 PID: 11687 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  268.639279][T11687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  268.639286][T11687] Call Trace:
[  268.639312][T11687]  dump_stack+0x172/0x1f0
[  268.639337][T11687]  should_fail.cold+0xa/0x15
[  268.639361][T11687]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  268.639385][T11687]  ? ___might_sleep+0x163/0x280
[  268.639407][T11687]  __should_failslab+0x121/0x190
[  268.639424][T11687]  should_failslab+0x9/0x14
[  268.639440][T11687]  __kmalloc+0x2dc/0x740
[  268.639466][T11687]  ? apply_wqattrs_prepare+0xae/0x970
[  268.639487][T11687]  apply_wqattrs_prepare+0xae/0x970
[  268.639518][T11687]  apply_workqueue_attrs_locked+0xcb/0x140
[  268.639538][T11687]  apply_workqueue_attrs+0x31/0x50
[  268.639557][T11687]  alloc_workqueue+0x84c/0xe70
[  268.639582][T11687]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  268.639605][T11687]  ? __init_waitqueue_head+0x36/0x90
[  268.639633][T11687]  hci_register_dev+0x1b8/0x860
18:25:21 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x74000000, 0x2)

[  268.639649][T11687]  ? hci_init_sysfs+0x7c/0xa0
[  268.639672][T11687]  __vhci_create_device+0x2d0/0x5a0
[  268.639690][T11687]  vhci_write+0x2d0/0x470
[  268.639710][T11687]  new_sync_write+0x4c7/0x760
[  268.639728][T11687]  ? default_llseek+0x2e0/0x2e0
[  268.639745][T11687]  ? copy_page_to_iter+0x4e7/0xd60
[  268.639768][T11687]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  268.639784][T11687]  ? put_page+0xce/0x130
[  268.639823][T11687]  __vfs_write+0xe4/0x110
[  268.667963][T11687]  __kernel_write+0x110/0x3b0
[  268.667984][T11687]  write_pipe_buf+0x15d/0x1f0
[  268.668006][T11687]  ? aa_file_perm+0x432/0xeb0
[  268.786870][T11687]  ? do_splice_direct+0x2a0/0x2a0
[  268.791907][T11687]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  268.798153][T11687]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  268.804216][T11687]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  268.810479][T11687]  __splice_from_pipe+0x395/0x7d0
[  268.815514][T11687]  ? do_splice_direct+0x2a0/0x2a0
[  268.820546][T11687]  ? do_splice_direct+0x2a0/0x2a0
[  268.825581][T11687]  splice_from_pipe+0x108/0x170
[  268.830438][T11687]  ? splice_shrink_spd+0xd0/0xd0
[  268.835386][T11687]  default_file_splice_write+0x3c/0x90
[  268.841095][T11687]  ? generic_splice_sendpage+0x50/0x50
[  268.846569][T11687]  direct_splice_actor+0x126/0x1a0
[  268.851700][T11687]  splice_direct_to_actor+0x369/0x970
[  268.857089][T11687]  ? generic_pipe_buf_nosteal+0x10/0x10
[  268.862636][T11687]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  268.868874][T11687]  ? do_splice_to+0x190/0x190
[  268.873854][T11687]  ? rw_verify_area+0x118/0x360
[  268.878718][T11687]  do_splice_direct+0x1da/0x2a0
[  268.883602][T11687]  ? splice_direct_to_actor+0x970/0x970
[  268.889165][T11687]  ? rw_verify_area+0x118/0x360
[  268.894016][T11687]  do_sendfile+0x597/0xd00
[  268.898538][T11687]  ? do_compat_pwritev64+0x1c0/0x1c0
[  268.903819][T11687]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  268.910077][T11687]  ? _copy_from_user+0xdd/0x150
[  268.915294][T11687]  __x64_sys_sendfile64+0x15a/0x220
[  268.920600][T11687]  ? __ia32_sys_sendfile+0x230/0x230
[  268.926049][T11687]  ? do_syscall_64+0x26/0x610
[  268.930827][T11687]  ? lockdep_hardirqs_on+0x418/0x5d0
[  268.936119][T11687]  ? trace_hardirqs_on+0x67/0x230
[  268.941156][T11687]  do_syscall_64+0x103/0x610
[  268.945849][T11687]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  268.951735][T11687] RIP: 0033:0x457f29
[  268.955622][T11687] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  268.975786][T11687] RSP: 002b:00007f30489dcc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  268.984332][T11687] RAX: ffffffffffffffda RBX: 00007f30489dcc90 RCX: 0000000000457f29
[  268.992292][T11687] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  269.000441][T11687] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  269.008412][T11687] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489dd6d4
[  269.016365][T11687] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  269.028223][T11687] Bluetooth: Can't register HCI device
18:25:22 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x6, 0x14102)
setsockopt$TIPC_IMPORTANCE(r1, 0x10f, 0x7f, &(0x7f0000000040), 0x4)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r2, 0x0, 0x2)

18:25:22 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x68, 0x2)

18:25:22 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:22 executing program 2 (fault-call:5 fault-nth:11):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:22 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x20000000, 0x2)

18:25:22 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a000000, 0x2)

18:25:22 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000)=0x8, 0x4)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  269.255384][T11713] FAULT_INJECTION: forcing a failure.
[  269.255384][T11713] name failslab, interval 1, probability 0, space 0, times 0
[  269.289335][T11713] CPU: 1 PID: 11713 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  269.298069][T11713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  269.308136][T11713] Call Trace:
[  269.311538][T11713]  dump_stack+0x172/0x1f0
[  269.315887][T11713]  should_fail.cold+0xa/0x15
[  269.320509][T11713]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  269.326331][T11713]  ? ___might_sleep+0x163/0x280
[  269.331195][T11713]  __should_failslab+0x121/0x190
[  269.336143][T11713]  should_failslab+0x9/0x14
[  269.340652][T11713]  kmem_cache_alloc_trace+0x2d1/0x760
[  269.340668][T11713]  ? rcu_read_lock_sched_held+0x110/0x130
18:25:22 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2f080100, 0x2)

18:25:22 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c, 0x2)

[  269.340681][T11713]  ? __kmalloc+0x5d5/0x740
[  269.340702][T11713]  alloc_workqueue_attrs+0x82/0x120
[  269.340719][T11713]  apply_wqattrs_prepare+0xbb/0x970
[  269.340742][T11713]  apply_workqueue_attrs_locked+0xcb/0x140
[  269.340759][T11713]  apply_workqueue_attrs+0x31/0x50
[  269.340773][T11713]  alloc_workqueue+0x84c/0xe70
[  269.340801][T11713]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  269.340821][T11713]  ? __init_waitqueue_head+0x36/0x90
[  269.340843][T11713]  hci_register_dev+0x1b8/0x860
[  269.340857][T11713]  ? hci_init_sysfs+0x7c/0xa0
[  269.340877][T11713]  __vhci_create_device+0x2d0/0x5a0
[  269.340894][T11713]  vhci_write+0x2d0/0x470
[  269.340918][T11713]  new_sync_write+0x4c7/0x760
[  269.352131][T11713]  ? default_llseek+0x2e0/0x2e0
[  269.352149][T11713]  ? copy_page_to_iter+0x4e7/0xd60
[  269.352168][T11713]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  269.352182][T11713]  ? put_page+0xce/0x130
[  269.352210][T11713]  __vfs_write+0xe4/0x110
[  269.352227][T11713]  __kernel_write+0x110/0x3b0
[  269.352245][T11713]  write_pipe_buf+0x15d/0x1f0
[  269.352261][T11713]  ? aa_file_perm+0x432/0xeb0
[  269.352274][T11713]  ? do_splice_direct+0x2a0/0x2a0
[  269.352288][T11713]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  269.352301][T11713]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  269.352314][T11713]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  269.352330][T11713]  __splice_from_pipe+0x395/0x7d0
[  269.352345][T11713]  ? do_splice_direct+0x2a0/0x2a0
[  269.352364][T11713]  ? do_splice_direct+0x2a0/0x2a0
[  269.352378][T11713]  splice_from_pipe+0x108/0x170
18:25:22 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:22 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x30080100, 0x2)

[  269.352394][T11713]  ? splice_shrink_spd+0xd0/0xd0
[  269.352419][T11713]  default_file_splice_write+0x3c/0x90
[  269.352431][T11713]  ? generic_splice_sendpage+0x50/0x50
[  269.352446][T11713]  direct_splice_actor+0x126/0x1a0
[  269.352462][T11713]  splice_direct_to_actor+0x369/0x970
[  269.352478][T11713]  ? generic_pipe_buf_nosteal+0x10/0x10
[  269.352495][T11713]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  269.352509][T11713]  ? do_splice_to+0x190/0x190
[  269.352525][T11713]  ? rw_verify_area+0x118/0x360
[  269.352542][T11713]  do_splice_direct+0x1da/0x2a0
[  269.352556][T11713]  ? splice_direct_to_actor+0x970/0x970
[  269.352580][T11713]  ? rw_verify_area+0x118/0x360
[  269.352598][T11713]  do_sendfile+0x597/0xd00
[  269.352622][T11713]  ? do_compat_pwritev64+0x1c0/0x1c0
[  269.352642][T11713]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  269.352653][T11713]  ? _copy_from_user+0xdd/0x150
[  269.352668][T11713]  __x64_sys_sendfile64+0x15a/0x220
[  269.352682][T11713]  ? __ia32_sys_sendfile+0x230/0x230
[  269.352695][T11713]  ? do_syscall_64+0x26/0x610
18:25:22 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x87600000, 0x2)

[  269.352710][T11713]  ? lockdep_hardirqs_on+0x418/0x5d0
[  269.352725][T11713]  ? trace_hardirqs_on+0x67/0x230
[  269.352742][T11713]  do_syscall_64+0x103/0x610
[  269.352760][T11713]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  269.352771][T11713] RIP: 0033:0x457f29
[  269.352786][T11713] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:23 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x74, 0x2)

[  269.352802][T11713] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  269.352817][T11713] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  269.352825][T11713] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  269.352833][T11713] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  269.352841][T11713] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  269.352848][T11713] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  269.413251][T11713] Bluetooth: Can't register HCI device
18:25:23 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x31080100, 0x2)

18:25:23 executing program 2 (fault-call:5 fault-nth:12):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:23 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xfeffffff, 0x2)

18:25:23 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a, 0x2)

[  269.890235][T11764] FAULT_INJECTION: forcing a failure.
[  269.890235][T11764] name failslab, interval 1, probability 0, space 0, times 0
[  269.912780][T11764] CPU: 0 PID: 11764 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  269.921497][T11764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  269.931562][T11764] Call Trace:
[  269.934871][T11764]  dump_stack+0x172/0x1f0
18:25:23 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1ec0aac5b965a76656691db8b0ca11933708b4b180bda3bb90c7ef757dcb057960fd964ac5a77be1d53362eecfca852d2cbc4bc96ddafdcf31e492f41d43552a3c630ac68841b0b3cc25a8779d41d14783474ad968f02b1da1a5d2a541439eedd0fc9563278b6ef38181b3653ae420cb9f8399edf6b620afe446cfdaa6ec2f8779237e2d019ec219858951cecf935a6967d100000000000000"], 0x2)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@int=0x5, 0x4)
sendfile(r0, r1, 0x0, 0x2)

18:25:23 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x32080100, 0x2)

[  269.939230][T11764]  should_fail.cold+0xa/0x15
[  269.943934][T11764]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  269.949754][T11764]  ? ___might_sleep+0x163/0x280
[  269.954610][T11764]  __should_failslab+0x121/0x190
[  269.954628][T11764]  should_failslab+0x9/0x14
[  269.954644][T11764]  kmem_cache_alloc_trace+0x2d1/0x760
[  269.954659][T11764]  ? rcu_read_lock_sched_held+0x110/0x130
[  269.954673][T11764]  ? __kmalloc+0x5d5/0x740
[  269.954696][T11764]  alloc_workqueue_attrs+0x82/0x120
[  269.954713][T11764]  apply_wqattrs_prepare+0xc8/0x970
18:25:23 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xffffff7f, 0x2)

[  269.954739][T11764]  apply_workqueue_attrs_locked+0xcb/0x140
[  269.954757][T11764]  apply_workqueue_attrs+0x31/0x50
[  269.954774][T11764]  alloc_workqueue+0x84c/0xe70
[  269.954797][T11764]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  269.954824][T11764]  ? __init_waitqueue_head+0x36/0x90
[  269.996004][T11764]  hci_register_dev+0x1b8/0x860
[  269.996022][T11764]  ? hci_init_sysfs+0x7c/0xa0
[  269.996056][T11764]  __vhci_create_device+0x2d0/0x5a0
[  269.996076][T11764]  vhci_write+0x2d0/0x470
[  269.996094][T11764]  new_sync_write+0x4c7/0x760
[  269.996110][T11764]  ? default_llseek+0x2e0/0x2e0
[  269.996126][T11764]  ? copy_page_to_iter+0x4e7/0xd60
[  269.996145][T11764]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  269.996159][T11764]  ? put_page+0xce/0x130
[  269.996183][T11764]  __vfs_write+0xe4/0x110
[  269.996202][T11764]  __kernel_write+0x110/0x3b0
[  269.996222][T11764]  write_pipe_buf+0x15d/0x1f0
[  270.017081][T11764]  ? aa_file_perm+0x432/0xeb0
[  270.017099][T11764]  ? do_splice_direct+0x2a0/0x2a0
18:25:23 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xfffffffe, 0x2)

[  270.017223][T11764]  ? wiphy_new_nm+0x1580/0x1ec0
[  270.017245][T11764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  270.031972][T11764]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  270.031990][T11764]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  270.032010][T11764]  __splice_from_pipe+0x395/0x7d0
[  270.032025][T11764]  ? do_splice_direct+0x2a0/0x2a0
[  270.032055][T11764]  ? do_splice_direct+0x2a0/0x2a0
[  270.041064][T11764]  splice_from_pipe+0x108/0x170
[  270.041084][T11764]  ? splice_shrink_spd+0xd0/0xd0
[  270.041116][T11764]  default_file_splice_write+0x3c/0x90
[  270.041130][T11764]  ? generic_splice_sendpage+0x50/0x50
[  270.041146][T11764]  direct_splice_actor+0x126/0x1a0
[  270.041162][T11764]  splice_direct_to_actor+0x369/0x970
[  270.041177][T11764]  ? generic_pipe_buf_nosteal+0x10/0x10
[  270.041197][T11764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  270.041210][T11764]  ? do_splice_to+0x190/0x190
[  270.041230][T11764]  ? rw_verify_area+0x118/0x360
[  270.041247][T11764]  do_splice_direct+0x1da/0x2a0
[  270.041262][T11764]  ? splice_direct_to_actor+0x970/0x970
[  270.041287][T11764]  ? rw_verify_area+0x118/0x360
[  270.051236][T11764]  do_sendfile+0x597/0xd00
[  270.051265][T11764]  ? do_compat_pwritev64+0x1c0/0x1c0
[  270.051288][T11764]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  270.051309][T11764]  ? _copy_from_user+0xdd/0x150
[  270.051327][T11764]  __x64_sys_sendfile64+0x15a/0x220
[  270.051341][T11764]  ? __ia32_sys_sendfile+0x230/0x230
[  270.051355][T11764]  ? do_syscall_64+0x26/0x610
[  270.051370][T11764]  ? lockdep_hardirqs_on+0x418/0x5d0
[  270.051385][T11764]  ? trace_hardirqs_on+0x67/0x230
[  270.051401][T11764]  do_syscall_64+0x103/0x610
[  270.051420][T11764]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  270.051431][T11764] RIP: 0033:0x457f29
[  270.051445][T11764] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  270.051452][T11764] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  270.051466][T11764] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  270.051481][T11764] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  270.070989][T11764] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  270.070998][T11764] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  270.071007][T11764] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  270.093453][T11764] Bluetooth: Can't register HCI device
18:25:23 executing program 5:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:23 executing program 2 (fault-call:5 fault-nth:13):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:23 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x204, 0x2)

18:25:23 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x33080100, 0x2)

18:25:23 executing program 4:
r0 = socket$inet6(0xa, 0x3fffffffffff, 0x80400001)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:23 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xffffffff000, 0x2)

[  270.495252][T11792] FAULT_INJECTION: forcing a failure.
[  270.495252][T11792] name failslab, interval 1, probability 0, space 0, times 0
18:25:23 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x300, 0x2)

[  270.539098][T11792] CPU: 0 PID: 11792 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  270.547816][T11792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  270.557884][T11792] Call Trace:
[  270.557917][T11792]  dump_stack+0x172/0x1f0
[  270.557939][T11792]  should_fail.cold+0xa/0x15
[  270.557957][T11792]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  270.557979][T11792]  ? ___might_sleep+0x163/0x280
[  270.558000][T11792]  __should_failslab+0x121/0x190
18:25:23 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x34080100, 0x2)

[  270.558026][T11792]  should_failslab+0x9/0x14
[  270.570219][T11792]  kmem_cache_alloc_node+0x264/0x710
[  270.570250][T11792]  alloc_unbound_pwq+0x4c5/0xcf0
[  270.570273][T11792]  apply_wqattrs_prepare+0x35e/0x970
[  270.570307][T11792]  apply_workqueue_attrs_locked+0xcb/0x140
[  270.570326][T11792]  apply_workqueue_attrs+0x31/0x50
[  270.570342][T11792]  alloc_workqueue+0x84c/0xe70
[  270.570364][T11792]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  270.570386][T11792]  ? __init_waitqueue_head+0x36/0x90
[  270.570409][T11792]  hci_register_dev+0x1b8/0x860
18:25:23 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x402, 0x2)

[  270.627417][T11792]  ? hci_init_sysfs+0x7c/0xa0
[  270.627443][T11792]  __vhci_create_device+0x2d0/0x5a0
[  270.627462][T11792]  vhci_write+0x2d0/0x470
[  270.627490][T11792]  new_sync_write+0x4c7/0x760
[  270.642757][T11792]  ? default_llseek+0x2e0/0x2e0
[  270.642778][T11792]  ? copy_page_to_iter+0x4e7/0xd60
[  270.642799][T11792]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  270.642814][T11792]  ? put_page+0xce/0x130
[  270.642839][T11792]  __vfs_write+0xe4/0x110
[  270.681845][T11792]  __kernel_write+0x110/0x3b0
[  270.686538][T11792]  write_pipe_buf+0x15d/0x1f0
[  270.691236][T11792]  ? aa_file_perm+0x432/0xeb0
[  270.695923][T11792]  ? do_splice_direct+0x2a0/0x2a0
[  270.700962][T11792]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  270.700977][T11792]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  270.700991][T11792]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  270.701010][T11792]  __splice_from_pipe+0x395/0x7d0
[  270.724732][T11792]  ? do_splice_direct+0x2a0/0x2a0
[  270.729906][T11792]  ? do_splice_direct+0x2a0/0x2a0
[  270.734955][T11792]  splice_from_pipe+0x108/0x170
[  270.739814][T11792]  ? splice_shrink_spd+0xd0/0xd0
[  270.744776][T11792]  default_file_splice_write+0x3c/0x90
[  270.750335][T11792]  ? generic_splice_sendpage+0x50/0x50
[  270.755804][T11792]  direct_splice_actor+0x126/0x1a0
[  270.760941][T11792]  splice_direct_to_actor+0x369/0x970
[  270.766326][T11792]  ? generic_pipe_buf_nosteal+0x10/0x10
[  270.771887][T11792]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  270.778134][T11792]  ? do_splice_to+0x190/0x190
[  270.782820][T11792]  ? rw_verify_area+0x118/0x360
18:25:24 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
setrlimit(0x2, &(0x7f0000000040)={0x0, 0x2000000})
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x32, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f000004c000)=0x23, 0x4)
setsockopt$sock_int(r2, 0x1, 0x2000000000f, &(0x7f0000f10000)=0xfffffffffffff830, 0x4)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$VHOST_SET_VRING_ENDIAN(r3, 0x4008af13, &(0x7f0000000040)={0x3, 0x3})
bind$inet(r3, &(0x7f000086eff0)={0x2, 0x4e22, @multicast2}, 0x10)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={[], [], @rand_addr=0x9}}, 0x1c)
bind$inet6(r2, &(0x7f0000f13000)={0xa, 0x4e22}, 0x1c)
r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r4, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r4, 0x0, 0x2)

18:25:24 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:24 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6087ffffffff, 0x2)

[  270.787679][T11792]  do_splice_direct+0x1da/0x2a0
[  270.792538][T11792]  ? splice_direct_to_actor+0x970/0x970
[  270.798103][T11792]  ? rw_verify_area+0x118/0x360
[  270.802979][T11792]  do_sendfile+0x597/0xd00
[  270.807414][T11792]  ? do_compat_pwritev64+0x1c0/0x1c0
[  270.812777][T11792]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  270.819123][T11792]  ? _copy_from_user+0xdd/0x150
[  270.823979][T11792]  __x64_sys_sendfile64+0x15a/0x220
[  270.823996][T11792]  ? __ia32_sys_sendfile+0x230/0x230
[  270.824018][T11792]  ? do_syscall_64+0x26/0x610
[  270.840227][T11792]  ? lockdep_hardirqs_on+0x418/0x5d0
[  270.840245][T11792]  ? trace_hardirqs_on+0x67/0x230
[  270.840265][T11792]  do_syscall_64+0x103/0x610
[  270.840285][T11792]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  270.840305][T11792] RIP: 0033:0x457f29
[  270.840327][T11792] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:25:24 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x35080100, 0x2)

[  270.884647][T11792] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  270.884662][T11792] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  270.884670][T11792] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  270.884678][T11792] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  270.884687][T11792] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  270.884696][T11792] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  270.897466][T11827] mmap: syz-executor.4 (11827): VmData 35184640 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  270.977892][T11792] Bluetooth: Can't register HCI device
18:25:24 executing program 2 (fault-call:5 fault-nth:14):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:24 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x500, 0x2)

18:25:24 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xf0ffffff0f0000, 0x2)

18:25:24 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
pipe2$9p(&(0x7f0000000000), 0x80800)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snapshot\x00', 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r1, 0x541a, &(0x7f0000000240))
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
connect$x25(0xffffffffffffffff, &(0x7f0000000040)={0x9, @remote={[], 0x2}}, 0x12)
openat$audio(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x40000, 0x0)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="0700b2fca2f85fbd5fd990920dc9e96d5c6890e046a67a0e918e70f15d3eabf0ac13c2078c99101cfe9f5883cfc0435fc34e6835c5a8b9b543016afe9cddb8aa135eaa3d74bf8ea9bad43076dd85f26dc370d0e579e36cf88603ccb6f518308996eadf54ba725c50850407ce4f5a0fded9271d75f608f23f291e400b2b68676f6109af4c8673882d3b14822da542bb12e846f0aa5246166d26b3b1891d161b7871b28880fb5590ab234d127373e40de2a7b51f81241b6f197c4ba96127be30e415512be8ce06cfd8cd6f9cebbd5d60440e8485f1a40086070f86eb2ee1f0f55a752d8d4f2a3faeb055c0313a092a9f1ab5df3cdcd2f92e9b1e0fdb91be70b18374f05fd480e1e04ab8489e27d5d486"], 0x2)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x2)

18:25:24 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x36080100, 0x2)

[  271.182216][T11849] FAULT_INJECTION: forcing a failure.
[  271.182216][T11849] name failslab, interval 1, probability 0, space 0, times 0
[  271.209089][T11849] CPU: 0 PID: 11849 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  271.217826][T11849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  271.227915][T11849] Call Trace:
[  271.231341][T11849]  dump_stack+0x172/0x1f0
[  271.235698][T11849]  should_fail.cold+0xa/0x15
[  271.240354][T11849]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  271.240403][T11849]  ? ___might_sleep+0x163/0x280
[  271.240449][T11849]  __should_failslab+0x121/0x190
[  271.240477][T11849]  should_failslab+0x9/0x14
[  271.251132][T11849]  __kmalloc+0x2dc/0x740
[  271.251149][T11849]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  271.251165][T11849]  ? pwq_adjust_max_active+0x3b6/0x5c0
18:25:24 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x600, 0x2)

18:25:24 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x400000)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  271.251180][T11849]  ? alloc_workqueue+0x13c/0xe70
[  271.251198][T11849]  alloc_workqueue+0x13c/0xe70
[  271.251220][T11849]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  271.275962][T11849]  ? __init_waitqueue_head+0x36/0x90
[  271.275989][T11849]  hci_register_dev+0x209/0x860
[  271.276016][T11849]  __vhci_create_device+0x2d0/0x5a0
[  271.286443][T11849]  vhci_write+0x2d0/0x470
[  271.286466][T11849]  new_sync_write+0x4c7/0x760
[  271.286484][T11849]  ? default_llseek+0x2e0/0x2e0
[  271.286506][T11849]  ? copy_page_to_iter+0x4e7/0xd60
18:25:24 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x37080100, 0x2)

[  271.331246][T11849]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  271.337584][T11849]  ? put_page+0xce/0x130
[  271.341863][T11849]  __vfs_write+0xe4/0x110
[  271.346209][T11849]  __kernel_write+0x110/0x3b0
[  271.350904][T11849]  write_pipe_buf+0x15d/0x1f0
[  271.355618][T11849]  ? aa_file_perm+0x432/0xeb0
[  271.360316][T11849]  ? do_splice_direct+0x2a0/0x2a0
[  271.365442][T11849]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  271.371706][T11849]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  271.371724][T11849]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  271.371744][T11849]  __splice_from_pipe+0x395/0x7d0
[  271.371760][T11849]  ? do_splice_direct+0x2a0/0x2a0
[  271.371780][T11849]  ? do_splice_direct+0x2a0/0x2a0
[  271.384122][T11849]  splice_from_pipe+0x108/0x170
[  271.384141][T11849]  ? splice_shrink_spd+0xd0/0xd0
[  271.384180][T11849]  default_file_splice_write+0x3c/0x90
[  271.384194][T11849]  ? generic_splice_sendpage+0x50/0x50
[  271.384210][T11849]  direct_splice_actor+0x126/0x1a0
[  271.384228][T11849]  splice_direct_to_actor+0x369/0x970
[  271.384248][T11849]  ? generic_pipe_buf_nosteal+0x10/0x10
[  271.436898][T11849]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  271.443175][T11849]  ? do_splice_to+0x190/0x190
[  271.448003][T11849]  ? rw_verify_area+0x118/0x360
[  271.452901][T11849]  do_splice_direct+0x1da/0x2a0
[  271.457776][T11849]  ? splice_direct_to_actor+0x970/0x970
[  271.463354][T11849]  ? rw_verify_area+0x118/0x360
[  271.468250][T11849]  do_sendfile+0x597/0xd00
[  271.472709][T11849]  ? do_compat_pwritev64+0x1c0/0x1c0
18:25:24 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x700, 0x2)

[  271.478018][T11849]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  271.484302][T11849]  ? _copy_from_user+0xdd/0x150
[  271.489286][T11849]  __x64_sys_sendfile64+0x15a/0x220
[  271.496517][T11849]  ? __ia32_sys_sendfile+0x230/0x230
[  271.496535][T11849]  ? do_syscall_64+0x26/0x610
[  271.496552][T11849]  ? lockdep_hardirqs_on+0x418/0x5d0
[  271.496574][T11849]  ? trace_hardirqs_on+0x67/0x230
[  271.506718][T11849]  do_syscall_64+0x103/0x610
[  271.521622][T11849]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  271.527814][T11849] RIP: 0033:0x457f29
[  271.531715][T11849] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  271.551419][T11849] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  271.551435][T11849] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  271.551442][T11849] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  271.551449][T11849] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  271.551456][T11849] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  271.551464][T11849] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  271.567751][T11849] Bluetooth: Can't register HCI device
18:25:25 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:25 executing program 4:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x105002)
write$P9_RXATTRWALK(r0, &(0x7f0000000040)={0xf, 0x1f, 0x2, 0xf5}, 0xf)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r1, r2, 0x0, 0x2)

18:25:25 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x100000000000000, 0x2)

18:25:25 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x38080100, 0x2)

18:25:25 executing program 2 (fault-call:5 fault-nth:15):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa00, 0x2)

[  271.781864][T11885] FAULT_INJECTION: forcing a failure.
[  271.781864][T11885] name failslab, interval 1, probability 0, space 0, times 0
[  271.798253][T11885] CPU: 0 PID: 11885 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  271.806954][T11885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  271.817017][T11885] Call Trace:
[  271.820421][T11885]  dump_stack+0x172/0x1f0
[  271.824787][T11885]  should_fail.cold+0xa/0x15
18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xf23, 0x2)

[  271.829546][T11885]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  271.835419][T11885]  ? ___might_sleep+0x163/0x280
[  271.840283][T11885]  __should_failslab+0x121/0x190
[  271.845275][T11885]  should_failslab+0x9/0x14
[  271.849794][T11885]  kmem_cache_alloc_trace+0x2d1/0x760
[  271.855171][T11885]  ? rcu_read_lock_sched_held+0x110/0x130
[  271.860899][T11885]  ? __kmalloc+0x5d5/0x740
[  271.865449][T11885]  alloc_workqueue_attrs+0x82/0x120
[  271.870662][T11885]  alloc_workqueue+0x166/0xe70
[  271.875442][T11885]  ? workqueue_sysfs_register+0x3f0/0x3f0
18:25:25 executing program 5:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000280)=0x1f)

[  271.881185][T11885]  ? __init_waitqueue_head+0x36/0x90
[  271.881214][T11885]  hci_register_dev+0x209/0x860
[  271.891361][T11885]  __vhci_create_device+0x2d0/0x5a0
[  271.891377][T11885]  vhci_write+0x2d0/0x470
[  271.891396][T11885]  new_sync_write+0x4c7/0x760
[  271.891414][T11885]  ? default_llseek+0x2e0/0x2e0
[  271.891435][T11885]  ? copy_page_to_iter+0x4e7/0xd60
[  271.915583][T11885]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  271.921840][T11885]  ? put_page+0xce/0x130
[  271.926104][T11885]  __vfs_write+0xe4/0x110
[  271.926127][T11885]  __kernel_write+0x110/0x3b0
[  271.935572][T11885]  write_pipe_buf+0x15d/0x1f0
[  271.940261][T11885]  ? aa_file_perm+0x432/0xeb0
[  271.944985][T11885]  ? do_splice_direct+0x2a0/0x2a0
[  271.945015][T11885]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  271.956317][T11885]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  271.962449][T11885]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  271.970636][T11885]  __splice_from_pipe+0x395/0x7d0
[  271.975699][T11885]  ? do_splice_direct+0x2a0/0x2a0
18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x1f00, 0x2)

[  271.980761][T11885]  ? do_splice_direct+0x2a0/0x2a0
[  271.985829][T11885]  splice_from_pipe+0x108/0x170
[  271.990702][T11885]  ? splice_shrink_spd+0xd0/0xd0
[  271.995664][T11885]  default_file_splice_write+0x3c/0x90
[  272.001139][T11885]  ? generic_splice_sendpage+0x50/0x50
[  272.006629][T11885]  direct_splice_actor+0x126/0x1a0
[  272.011753][T11885]  splice_direct_to_actor+0x369/0x970
[  272.017134][T11885]  ? generic_pipe_buf_nosteal+0x10/0x10
[  272.022685][T11885]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  272.028931][T11885]  ? do_splice_to+0x190/0x190
[  272.033619][T11885]  ? rw_verify_area+0x118/0x360
[  272.033640][T11885]  do_splice_direct+0x1da/0x2a0
[  272.033657][T11885]  ? splice_direct_to_actor+0x970/0x970
[  272.033681][T11885]  ? rw_verify_area+0x118/0x360
[  272.043379][T11885]  do_sendfile+0x597/0xd00
[  272.043404][T11885]  ? do_compat_pwritev64+0x1c0/0x1c0
[  272.043427][T11885]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  272.043440][T11885]  ? _copy_from_user+0xdd/0x150
[  272.043457][T11885]  __x64_sys_sendfile64+0x15a/0x220
18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000, 0x2)

[  272.043478][T11885]  ? __ia32_sys_sendfile+0x230/0x230
[  272.085168][T11885]  ? do_syscall_64+0x26/0x610
[  272.089858][T11885]  ? lockdep_hardirqs_on+0x418/0x5d0
[  272.095134][T11885]  ? trace_hardirqs_on+0x67/0x230
[  272.100162][T11885]  do_syscall_64+0x103/0x610
[  272.104778][T11885]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  272.110700][T11885] RIP: 0033:0x457f29
18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x230f, 0x2)

18:25:25 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e000000, 0x2)

18:25:25 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x200000000000000, 0x2)

[  272.114602][T11885] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  272.134210][T11885] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  272.142989][T11885] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  272.150952][T11885] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  272.158921][T11885] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  272.166907][T11885] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  272.174879][T11885] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  272.251620][T11885] Bluetooth: Can't register HCI device
18:25:25 executing program 2 (fault-call:5 fault-nth:16):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:25 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f000000, 0x2)

18:25:25 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000000)={<r2=>0x0, 0x4e, "df4ab117f7b1c057a9f9da981b1b9cf8dcc1cc8dc084f93246f4a0d72fb61fb4de91f73bda4fcae8eb158b1ffb42bd728d9f4b71b0481490ece5c9cfea1bc0b3bd82602543a5c459352bd4fdd274"}, &(0x7f0000000080)=0x56)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000000c0)={r2, 0x9}, 0x8)
sendfile(r0, r1, 0x0, 0x2)

18:25:25 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x204000000000000, 0x2)

18:25:25 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e00, 0x2)

[  272.405720][T11930] FAULT_INJECTION: forcing a failure.
[  272.405720][T11930] name failslab, interval 1, probability 0, space 0, times 0
[  272.467856][T11930] CPU: 1 PID: 11930 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  272.476613][T11930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  272.486678][T11930] Call Trace:
[  272.489991][T11930]  dump_stack+0x172/0x1f0
[  272.494339][T11930]  should_fail.cold+0xa/0x15
[  272.498943][T11930]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  272.504850][T11930]  ? ___might_sleep+0x163/0x280
[  272.509722][T11930]  __should_failslab+0x121/0x190
[  272.509739][T11930]  should_failslab+0x9/0x14
[  272.509755][T11930]  kmem_cache_alloc_trace+0x2d1/0x760
[  272.509771][T11930]  ? rcu_read_lock_sched_held+0x110/0x130
[  272.509790][T11930]  ? __kmalloc+0x5d5/0x740
[  272.519231][T11930]  alloc_workqueue_attrs+0x82/0x120
[  272.519252][T11930]  alloc_workqueue+0x166/0xe70
[  272.519277][T11930]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  272.519297][T11930]  ? __init_waitqueue_head+0x36/0x90
[  272.519319][T11930]  hci_register_dev+0x209/0x860
[  272.519341][T11930]  __vhci_create_device+0x2d0/0x5a0
18:25:25 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x40000000, 0x2)

[  272.519358][T11930]  vhci_write+0x2d0/0x470
[  272.519376][T11930]  new_sync_write+0x4c7/0x760
[  272.519396][T11930]  ? default_llseek+0x2e0/0x2e0
[  272.580127][T11930]  ? copy_page_to_iter+0x4e7/0xd60
[  272.585246][T11930]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  272.591492][T11930]  ? put_page+0xce/0x130
[  272.596905][T11930]  __vfs_write+0xe4/0x110
[  272.601337][T11930]  __kernel_write+0x110/0x3b0
[  272.606028][T11930]  write_pipe_buf+0x15d/0x1f0
[  272.610966][T11930]  ? aa_file_perm+0x432/0xeb0
[  272.615644][T11930]  ? do_splice_direct+0x2a0/0x2a0
[  272.620684][T11930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  272.627020][T11930]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  272.634059][T11930]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  272.640409][T11930]  __splice_from_pipe+0x395/0x7d0
[  272.645451][T11930]  ? do_splice_direct+0x2a0/0x2a0
[  272.650579][T11930]  ? do_splice_direct+0x2a0/0x2a0
[  272.655627][T11930]  splice_from_pipe+0x108/0x170
[  272.660639][T11930]  ? splice_shrink_spd+0xd0/0xd0
[  272.665596][T11930]  default_file_splice_write+0x3c/0x90
[  272.671156][T11930]  ? generic_splice_sendpage+0x50/0x50
[  272.676624][T11930]  direct_splice_actor+0x126/0x1a0
[  272.681731][T11930]  splice_direct_to_actor+0x369/0x970
[  272.687097][T11930]  ? generic_pipe_buf_nosteal+0x10/0x10
[  272.692754][T11930]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  272.698993][T11930]  ? do_splice_to+0x190/0x190
[  272.703679][T11930]  ? rw_verify_area+0x118/0x360
[  272.708546][T11930]  do_splice_direct+0x1da/0x2a0
[  272.713400][T11930]  ? splice_direct_to_actor+0x970/0x970
[  272.718959][T11930]  ? rw_verify_area+0x118/0x360
[  272.723841][T11930]  do_sendfile+0x597/0xd00
[  272.728257][T11930]  ? do_compat_pwritev64+0x1c0/0x1c0
[  272.733902][T11930]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  272.740579][T11930]  ? _copy_from_user+0xdd/0x150
[  272.745436][T11930]  __x64_sys_sendfile64+0x15a/0x220
[  272.750636][T11930]  ? __ia32_sys_sendfile+0x230/0x230
[  272.755933][T11930]  ? do_syscall_64+0x26/0x610
[  272.760979][T11930]  ? lockdep_hardirqs_on+0x418/0x5d0
[  272.766269][T11930]  ? trace_hardirqs_on+0x67/0x230
[  272.771295][T11930]  do_syscall_64+0x103/0x610
[  272.775905][T11930]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  272.781814][T11930] RIP: 0033:0x457f29
[  272.785697][T11930] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  272.805300][T11930] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  272.813720][T11930] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  272.821778][T11930] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  272.829766][T11930] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  272.837763][T11930] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  272.846236][T11930] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  272.860234][T11930] Bluetooth: Can't register HCI device
18:25:26 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:26 executing program 4:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x101, 0x801)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket$inet6(0xa, 0x3ffffffffffd, 0x2)
close(r1)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r1, r2, 0x0, 0x2)
write$P9_RSYMLINK(r0, &(0x7f0000000100)={0x14, 0x11, 0x1, {0xa, 0xff, 0x7}}, 0x14)
setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f00000000c0)={0x2f, @dev={0xac, 0x14, 0x14, 0xc}, 0x4e23, 0x2, 'rr\x00', 0x13, 0xf7e, 0x18}, 0x2c)

18:25:26 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x300000000000000, 0x2)

18:25:26 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f00, 0x2)

18:25:26 executing program 2 (fault-call:5 fault-nth:17):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:26 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x48000000, 0x2)

[  273.096216][T11971] FAULT_INJECTION: forcing a failure.
[  273.096216][T11971] name failslab, interval 1, probability 0, space 0, times 0
[  273.109855][T11971] CPU: 0 PID: 11971 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  273.118543][T11971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  273.128604][T11971] Call Trace:
[  273.131909][T11971]  dump_stack+0x172/0x1f0
[  273.136254][T11971]  should_fail.cold+0xa/0x15
[  273.140870][T11971]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  273.146689][T11971]  ? ___might_sleep+0x163/0x280
[  273.151560][T11971]  __should_failslab+0x121/0x190
[  273.156500][T11971]  should_failslab+0x9/0x14
[  273.161010][T11971]  __kmalloc+0x2dc/0x740
[  273.165356][T11971]  ? apply_wqattrs_prepare+0xae/0x970
[  273.170729][T11971]  apply_wqattrs_prepare+0xae/0x970
[  273.175958][T11971]  apply_workqueue_attrs_locked+0xcb/0x140
[  273.181799][T11971]  apply_workqueue_attrs+0x31/0x50
[  273.187007][T11971]  alloc_workqueue+0x84c/0xe70
[  273.191798][T11971]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  273.197537][T11971]  ? __init_waitqueue_head+0x36/0x90
[  273.202843][T11971]  hci_register_dev+0x209/0x860
[  273.207724][T11971]  __vhci_create_device+0x2d0/0x5a0
[  273.212938][T11971]  vhci_write+0x2d0/0x470
[  273.217284][T11971]  new_sync_write+0x4c7/0x760
[  273.221980][T11971]  ? default_llseek+0x2e0/0x2e0
[  273.222000][T11971]  ? copy_page_to_iter+0x4e7/0xd60
[  273.222022][T11971]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  273.231999][T11971]  ? put_page+0xce/0x130
[  273.232026][T11971]  __vfs_write+0xe4/0x110
[  273.232053][T11971]  __kernel_write+0x110/0x3b0
[  273.232073][T11971]  write_pipe_buf+0x15d/0x1f0
[  273.232095][T11971]  ? aa_file_perm+0x432/0xeb0
[  273.262163][T11971]  ? do_splice_direct+0x2a0/0x2a0
[  273.267198][T11971]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  273.273466][T11971]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  273.273484][T11971]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  273.273501][T11971]  __splice_from_pipe+0x395/0x7d0
[  273.273516][T11971]  ? do_splice_direct+0x2a0/0x2a0
[  273.273536][T11971]  ? do_splice_direct+0x2a0/0x2a0
[  273.273550][T11971]  splice_from_pipe+0x108/0x170
[  273.273566][T11971]  ? splice_shrink_spd+0xd0/0xd0
[  273.273601][T11971]  default_file_splice_write+0x3c/0x90
[  273.305767][T11971]  ? generic_splice_sendpage+0x50/0x50
[  273.305787][T11971]  direct_splice_actor+0x126/0x1a0
[  273.305813][T11971]  splice_direct_to_actor+0x369/0x970
[  273.332308][T11971]  ? generic_pipe_buf_nosteal+0x10/0x10
[  273.332331][T11971]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  273.332345][T11971]  ? do_splice_to+0x190/0x190
[  273.332366][T11971]  ? rw_verify_area+0x118/0x360
[  273.332386][T11971]  do_splice_direct+0x1da/0x2a0
[  273.358620][T11971]  ? splice_direct_to_actor+0x970/0x970
[  273.364191][T11971]  ? rw_verify_area+0x118/0x360
[  273.369063][T11971]  do_sendfile+0x597/0xd00
[  273.369089][T11971]  ? do_compat_pwritev64+0x1c0/0x1c0
[  273.369110][T11971]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  273.369130][T11971]  ? _copy_from_user+0xdd/0x150
[  273.390411][T11971]  __x64_sys_sendfile64+0x15a/0x220
[  273.395701][T11971]  ? __ia32_sys_sendfile+0x230/0x230
[  273.400984][T11971]  ? do_syscall_64+0x26/0x610
[  273.401000][T11971]  ? lockdep_hardirqs_on+0x418/0x5d0
[  273.401016][T11971]  ? trace_hardirqs_on+0x67/0x230
[  273.401032][T11971]  do_syscall_64+0x103/0x610
[  273.401068][T11971]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  273.426872][T11971] RIP: 0033:0x457f29
18:25:26 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000, 0x2)

18:25:26 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x400000000000000, 0x2)

18:25:26 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f00000000c0)={0x0, 0x84, 0x7, [], &(0x7f0000000080)=0x40})
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x10001, 0x40000)
readahead(r2, 0x7ff, 0x7fff)
r3 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r3, 0x0, 0x2)

18:25:26 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x500000000000000, 0x2)

18:25:26 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4800, 0x2)

18:25:26 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x600000000000000, 0x2)

[  273.430777][T11971] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  273.450418][T11971] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  273.450432][T11971] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  273.450440][T11971] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  273.450451][T11971] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  273.450459][T11971] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
18:25:26 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:26 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c000000, 0x2)

[  273.450470][T11971] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  273.485503][T11971] Bluetooth: Can't register HCI device
18:25:26 executing program 2 (fault-call:5 fault-nth:18):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:26 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x700000000000000, 0x2)

18:25:26 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c00, 0x2)

18:25:26 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="dfc0"], 0x2)
sendfile(r1, r0, 0x0, 0x2)

18:25:26 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x60000000, 0x2)

[  273.668792][T12003] FAULT_INJECTION: forcing a failure.
[  273.668792][T12003] name failslab, interval 1, probability 0, space 0, times 0
18:25:27 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x800000000000000, 0x2)

18:25:27 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x68000000, 0x2)

[  273.813210][T12003] CPU: 1 PID: 12003 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  273.821928][T12003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  273.831988][T12003] Call Trace:
[  273.835300][T12003]  dump_stack+0x172/0x1f0
[  273.839653][T12003]  should_fail.cold+0xa/0x15
[  273.844252][T12003]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  273.850086][T12003]  ? ___might_sleep+0x163/0x280
[  273.854956][T12003]  __should_failslab+0x121/0x190
[  273.854976][T12003]  should_failslab+0x9/0x14
[  273.854997][T12003]  kmem_cache_alloc_trace+0x2d1/0x760
[  273.864958][T12003]  ? rcu_read_lock_sched_held+0x110/0x130
[  273.864976][T12003]  ? __kmalloc+0x5d5/0x740
[  273.865006][T12003]  alloc_workqueue_attrs+0x82/0x120
[  273.888084][T12003]  apply_wqattrs_prepare+0xbb/0x970
[  273.893319][T12003]  apply_workqueue_attrs_locked+0xcb/0x140
[  273.899150][T12003]  apply_workqueue_attrs+0x31/0x50
[  273.904302][T12003]  alloc_workqueue+0x84c/0xe70
[  273.909089][T12003]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  273.914828][T12003]  ? __init_waitqueue_head+0x36/0x90
[  273.920133][T12003]  hci_register_dev+0x209/0x860
[  273.925001][T12003]  __vhci_create_device+0x2d0/0x5a0
[  273.930219][T12003]  vhci_write+0x2d0/0x470
[  273.934567][T12003]  new_sync_write+0x4c7/0x760
[  273.939259][T12003]  ? default_llseek+0x2e0/0x2e0
[  273.944124][T12003]  ? copy_page_to_iter+0x4e7/0xd60
[  273.949240][T12003]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  273.955478][T12003]  ? put_page+0xce/0x130
[  273.959726][T12003]  __vfs_write+0xe4/0x110
[  273.964513][T12003]  __kernel_write+0x110/0x3b0
[  273.969207][T12003]  write_pipe_buf+0x15d/0x1f0
[  273.973899][T12003]  ? aa_file_perm+0x432/0xeb0
[  273.978566][T12003]  ? do_splice_direct+0x2a0/0x2a0
[  273.983617][T12003]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  273.989868][T12003]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  273.995950][T12003]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  274.002382][T12003]  __splice_from_pipe+0x395/0x7d0
[  274.007414][T12003]  ? do_splice_direct+0x2a0/0x2a0
[  274.012435][T12003]  ? do_splice_direct+0x2a0/0x2a0
[  274.017445][T12003]  splice_from_pipe+0x108/0x170
[  274.022307][T12003]  ? splice_shrink_spd+0xd0/0xd0
[  274.027245][T12003]  default_file_splice_write+0x3c/0x90
[  274.032785][T12003]  ? generic_splice_sendpage+0x50/0x50
[  274.038236][T12003]  direct_splice_actor+0x126/0x1a0
[  274.043341][T12003]  splice_direct_to_actor+0x369/0x970
[  274.048715][T12003]  ? generic_pipe_buf_nosteal+0x10/0x10
[  274.054247][T12003]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  274.061325][T12003]  ? do_splice_to+0x190/0x190
[  274.066013][T12003]  ? rw_verify_area+0x118/0x360
[  274.071085][T12003]  do_splice_direct+0x1da/0x2a0
[  274.075939][T12003]  ? splice_direct_to_actor+0x970/0x970
[  274.081486][T12003]  ? rw_verify_area+0x118/0x360
[  274.086341][T12003]  do_sendfile+0x597/0xd00
[  274.090774][T12003]  ? do_compat_pwritev64+0x1c0/0x1c0
[  274.096072][T12003]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  274.102301][T12003]  ? _copy_from_user+0xdd/0x150
[  274.107149][T12003]  __x64_sys_sendfile64+0x15a/0x220
[  274.112330][T12003]  ? __ia32_sys_sendfile+0x230/0x230
[  274.117773][T12003]  ? do_syscall_64+0x26/0x610
[  274.122449][T12003]  ? lockdep_hardirqs_on+0x418/0x5d0
[  274.127727][T12003]  ? trace_hardirqs_on+0x67/0x230
[  274.132749][T12003]  do_syscall_64+0x103/0x610
[  274.137337][T12003]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.143221][T12003] RIP: 0033:0x457f29
[  274.147117][T12003] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  274.167214][T12003] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  274.175634][T12003] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  274.183609][T12003] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  274.191588][T12003] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  274.199574][T12003] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
18:25:27 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6087, 0x2)

18:25:27 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0xba)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00')
sendmsg$FOU_CMD_GET(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x100, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x8}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x5c}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004}, 0x10)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

[  274.207552][T12003] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  274.232151][T12003] Bluetooth: Can't register HCI device
18:25:27 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xa00000000000000, 0x2)

18:25:27 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000000)="0adc1f123c123f3188b070")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:27 executing program 2 (fault-call:5 fault-nth:19):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:27 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c000000, 0x2)

18:25:27 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6800, 0x2)

18:25:27 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="e674"], 0x2)
ioctl$VIDIOC_SUBDEV_S_CROP(r1, 0xc038563c, &(0x7f0000000000)={0x0, 0x0, {0x1, 0x6, 0x80, 0x40}})
sendfile(r0, r1, 0x0, 0x2)

[  274.486013][T12050] FAULT_INJECTION: forcing a failure.
[  274.486013][T12050] name failslab, interval 1, probability 0, space 0, times 0
[  274.518288][T12050] CPU: 1 PID: 12050 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
18:25:27 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x1000000000000000, 0x2)

[  274.527011][T12050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  274.537086][T12050] Call Trace:
[  274.540393][T12050]  dump_stack+0x172/0x1f0
[  274.540417][T12050]  should_fail.cold+0xa/0x15
[  274.540436][T12050]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  274.540457][T12050]  ? ___might_sleep+0x163/0x280
[  274.540477][T12050]  __should_failslab+0x121/0x190
[  274.540502][T12050]  should_failslab+0x9/0x14
[  274.569997][T12050]  kmem_cache_alloc_trace+0x2d1/0x760
[  274.575385][T12050]  ? rcu_read_lock_sched_held+0x110/0x130
[  274.581126][T12050]  ? __kmalloc+0x5d5/0x740
[  274.585556][T12050]  alloc_workqueue_attrs+0x82/0x120
[  274.590743][T12050]  apply_wqattrs_prepare+0xc8/0x970
[  274.595937][T12050]  apply_workqueue_attrs_locked+0xcb/0x140
[  274.601855][T12050]  apply_workqueue_attrs+0x31/0x50
[  274.606971][T12050]  alloc_workqueue+0x84c/0xe70
[  274.611766][T12050]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  274.617516][T12050]  ? __init_waitqueue_head+0x36/0x90
[  274.622899][T12050]  hci_register_dev+0x209/0x860
[  274.627757][T12050]  __vhci_create_device+0x2d0/0x5a0
[  274.632972][T12050]  vhci_write+0x2d0/0x470
[  274.637304][T12050]  new_sync_write+0x4c7/0x760
[  274.642020][T12050]  ? default_llseek+0x2e0/0x2e0
[  274.646871][T12050]  ? copy_page_to_iter+0x4e7/0xd60
[  274.651997][T12050]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  274.658249][T12050]  ? put_page+0xce/0x130
[  274.662486][T12050]  __vfs_write+0xe4/0x110
[  274.667113][T12050]  __kernel_write+0x110/0x3b0
[  274.671776][T12050]  write_pipe_buf+0x15d/0x1f0
[  274.676447][T12050]  ? aa_file_perm+0x432/0xeb0
[  274.681116][T12050]  ? do_splice_direct+0x2a0/0x2a0
[  274.686139][T12050]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  274.692460][T12050]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  274.698550][T12050]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  274.704786][T12050]  __splice_from_pipe+0x395/0x7d0
[  274.709812][T12050]  ? do_splice_direct+0x2a0/0x2a0
[  274.714855][T12050]  ? do_splice_direct+0x2a0/0x2a0
[  274.719895][T12050]  splice_from_pipe+0x108/0x170
[  274.724736][T12050]  ? splice_shrink_spd+0xd0/0xd0
[  274.729668][T12050]  default_file_splice_write+0x3c/0x90
[  274.735132][T12050]  ? generic_splice_sendpage+0x50/0x50
[  274.740609][T12050]  direct_splice_actor+0x126/0x1a0
[  274.745732][T12050]  splice_direct_to_actor+0x369/0x970
[  274.751101][T12050]  ? generic_pipe_buf_nosteal+0x10/0x10
[  274.756661][T12050]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  274.762905][T12050]  ? do_splice_to+0x190/0x190
[  274.767587][T12050]  ? rw_verify_area+0x118/0x360
[  274.772454][T12050]  do_splice_direct+0x1da/0x2a0
[  274.777323][T12050]  ? splice_direct_to_actor+0x970/0x970
[  274.782880][T12050]  ? rw_verify_area+0x118/0x360
[  274.787924][T12050]  do_sendfile+0x597/0xd00
[  274.792358][T12050]  ? do_compat_pwritev64+0x1c0/0x1c0
[  274.797634][T12050]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  274.803864][T12050]  ? _copy_from_user+0xdd/0x150
[  274.808728][T12050]  __x64_sys_sendfile64+0x15a/0x220
[  274.813919][T12050]  ? __ia32_sys_sendfile+0x230/0x230
[  274.819194][T12050]  ? do_syscall_64+0x26/0x610
[  274.823863][T12050]  ? lockdep_hardirqs_on+0x418/0x5d0
[  274.829155][T12050]  ? trace_hardirqs_on+0x67/0x230
[  274.834267][T12050]  do_syscall_64+0x103/0x610
[  274.838994][T12050]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  274.844909][T12050] RIP: 0033:0x457f29
[  274.848815][T12050] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  274.868439][T12050] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  274.876939][T12050] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
18:25:28 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c00, 0x2)

[  274.885125][T12050] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  274.893108][T12050] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  274.901080][T12050] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  274.909057][T12050] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  274.921802][T12050] Bluetooth: Can't register HCI device
18:25:28 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x74000000, 0x2)

18:25:28 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:28 executing program 2 (fault-call:5 fault-nth:20):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:28 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000001c0)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="510000002600ae75826a41a56a438b03d7bd1e228ac75f72f3725d74d1c97ae53622d26b929bf8e83ff2cb3589231a6461b844535617d13840fc40593bc57bce44222a4cdae98984c75d84b558e7c97f9b150363a7512bc188d6"], &(0x7f0000000080)=0x59)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000000c0)={r2, @in6={{0xa, 0x4e24, 0xfffffffffffffffd, @mcast1, 0x2}}, 0x3, 0x8e5fe83, 0x8000, 0x1f, 0x9}, &(0x7f0000000180)=0x98)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r4 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000080)={@multicast2, @loopback, 0x1, 0x2, [@multicast1, @empty]}, 0x18)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'lo\x00\x04\x00\x00\x00\x00\x00Jk\x00'})
sendfile(r0, r1, 0x0, 0x2)

18:25:28 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2000000000000000, 0x2)

18:25:28 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7400, 0x2)

[  275.151981][T12084] FAULT_INJECTION: forcing a failure.
[  275.151981][T12084] name failslab, interval 1, probability 0, space 0, times 0
[  275.178219][T12084] CPU: 1 PID: 12084 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  275.187590][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  275.187598][T12084] Call Trace:
[  275.187626][T12084]  dump_stack+0x172/0x1f0
[  275.187650][T12084]  should_fail.cold+0xa/0x15
[  275.187670][T12084]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  275.187693][T12084]  ? ___might_sleep+0x163/0x280
[  275.187716][T12084]  __should_failslab+0x121/0x190
[  275.187734][T12084]  should_failslab+0x9/0x14
[  275.187750][T12084]  kmem_cache_alloc_node+0x264/0x710
[  275.187776][T12084]  alloc_unbound_pwq+0x4c5/0xcf0
[  275.187811][T12084]  apply_wqattrs_prepare+0x35e/0x970
[  275.187841][T12084]  apply_workqueue_attrs_locked+0xcb/0x140
[  275.230285][T12084]  apply_workqueue_attrs+0x31/0x50
[  275.230303][T12084]  alloc_workqueue+0x84c/0xe70
[  275.230326][T12084]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  275.230347][T12084]  ? __init_waitqueue_head+0x36/0x90
[  275.230369][T12084]  hci_register_dev+0x209/0x860
[  275.230391][T12084]  __vhci_create_device+0x2d0/0x5a0
[  275.230408][T12084]  vhci_write+0x2d0/0x470
[  275.230430][T12084]  new_sync_write+0x4c7/0x760
[  275.292842][T12084]  ? default_llseek+0x2e0/0x2e0
[  275.297691][T12084]  ? copy_page_to_iter+0x4e7/0xd60
[  275.302822][T12084]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  275.309085][T12084]  ? put_page+0xce/0x130
[  275.313332][T12084]  __vfs_write+0xe4/0x110
[  275.317650][T12084]  __kernel_write+0x110/0x3b0
[  275.322322][T12084]  write_pipe_buf+0x15d/0x1f0
[  275.326993][T12084]  ? aa_file_perm+0x432/0xeb0
[  275.331676][T12084]  ? do_splice_direct+0x2a0/0x2a0
[  275.336690][T12084]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  275.343025][T12084]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  275.349118][T12084]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  275.355361][T12084]  __splice_from_pipe+0x395/0x7d0
[  275.360388][T12084]  ? do_splice_direct+0x2a0/0x2a0
[  275.365425][T12084]  ? do_splice_direct+0x2a0/0x2a0
[  275.370446][T12084]  splice_from_pipe+0x108/0x170
[  275.375322][T12084]  ? splice_shrink_spd+0xd0/0xd0
[  275.380284][T12084]  default_file_splice_write+0x3c/0x90
[  275.386297][T12084]  ? generic_splice_sendpage+0x50/0x50
[  275.391853][T12084]  direct_splice_actor+0x126/0x1a0
[  275.396978][T12084]  splice_direct_to_actor+0x369/0x970
[  275.402352][T12084]  ? generic_pipe_buf_nosteal+0x10/0x10
[  275.408154][T12084]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  275.414392][T12084]  ? do_splice_to+0x190/0x190
[  275.419072][T12084]  ? rw_verify_area+0x118/0x360
[  275.423934][T12084]  do_splice_direct+0x1da/0x2a0
[  275.428784][T12084]  ? splice_direct_to_actor+0x970/0x970
[  275.434337][T12084]  ? rw_verify_area+0x118/0x360
[  275.439197][T12084]  do_sendfile+0x597/0xd00
[  275.443627][T12084]  ? do_compat_pwritev64+0x1c0/0x1c0
[  275.448924][T12084]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  275.455155][T12084]  ? _copy_from_user+0xdd/0x150
[  275.460011][T12084]  __x64_sys_sendfile64+0x15a/0x220
[  275.465225][T12084]  ? __ia32_sys_sendfile+0x230/0x230
[  275.470724][T12084]  ? do_syscall_64+0x26/0x610
[  275.475406][T12084]  ? lockdep_hardirqs_on+0x418/0x5d0
[  275.480693][T12084]  ? trace_hardirqs_on+0x67/0x230
[  275.486231][T12084]  do_syscall_64+0x103/0x610
[  275.490818][T12084]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  275.496693][T12084] RIP: 0033:0x457f29
[  275.500596][T12084] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  275.520208][T12084] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  275.528619][T12084] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  275.536576][T12084] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  275.544539][T12084] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
18:25:28 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a000000, 0x2)

[  275.552509][T12084] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  275.560514][T12084] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  275.589413][T12084] Bluetooth: Can't register HCI device
18:25:28 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a00, 0x2)

18:25:28 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3e00000000000000, 0x2)

18:25:28 executing program 2 (fault-call:5 fault-nth:21):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:29 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x87600000, 0x2)

18:25:29 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3f00000000000000, 0x2)

[  275.782561][T12109] FAULT_INJECTION: forcing a failure.
[  275.782561][T12109] name failslab, interval 1, probability 0, space 0, times 0
[  275.819203][T12109] CPU: 0 PID: 12109 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  275.827929][T12109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  275.837996][T12109] Call Trace:
[  275.841336][T12109]  dump_stack+0x172/0x1f0
[  275.845772][T12109]  should_fail.cold+0xa/0x15
[  275.850380][T12109]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  275.856378][T12109]  ? ___might_sleep+0x163/0x280
[  275.861270][T12109]  __should_failslab+0x121/0x190
[  275.866247][T12109]  should_failslab+0x9/0x14
[  275.870879][T12109]  __kmalloc_track_caller+0x2d8/0x740
[  275.876282][T12109]  ? kstrdup_const+0x66/0x80
[  275.880894][T12109]  kstrdup+0x3a/0x70
[  275.884806][T12109]  kstrdup_const+0x66/0x80
[  275.889235][T12109]  kvasprintf_const+0x10e/0x190
[  275.894132][T12109]  kobject_set_name_vargs+0x5b/0x150
[  275.899437][T12109]  dev_set_name+0xbd/0xf0
[  275.903779][T12109]  ? device_initialize+0x440/0x440
[  275.908908][T12109]  ? simple_release_fs+0xa1/0xd0
[  275.913853][T12109]  ? start_creating+0x163/0x1e0
[  275.918712][T12109]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  275.924973][T12109]  hci_register_dev+0x2e0/0x860
[  275.929843][T12109]  __vhci_create_device+0x2d0/0x5a0
[  275.935055][T12109]  vhci_write+0x2d0/0x470
[  275.939397][T12109]  new_sync_write+0x4c7/0x760
[  275.944202][T12109]  ? default_llseek+0x2e0/0x2e0
[  275.949079][T12109]  ? copy_page_to_iter+0x4e7/0xd60
[  275.954231][T12109]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  275.960488][T12109]  ? put_page+0xce/0x130
[  275.964750][T12109]  __vfs_write+0xe4/0x110
[  275.969095][T12109]  __kernel_write+0x110/0x3b0
[  275.973785][T12109]  write_pipe_buf+0x15d/0x1f0
[  275.978647][T12109]  ? aa_file_perm+0x432/0xeb0
[  275.983342][T12109]  ? do_splice_direct+0x2a0/0x2a0
[  275.988395][T12109]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  275.994644][T12109]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  276.000718][T12109]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  276.006968][T12109]  __splice_from_pipe+0x395/0x7d0
[  276.012024][T12109]  ? do_splice_direct+0x2a0/0x2a0
[  276.017085][T12109]  ? do_splice_direct+0x2a0/0x2a0
[  276.022122][T12109]  splice_from_pipe+0x108/0x170
[  276.027012][T12109]  ? splice_shrink_spd+0xd0/0xd0
[  276.031979][T12109]  default_file_splice_write+0x3c/0x90
[  276.037461][T12109]  ? generic_splice_sendpage+0x50/0x50
[  276.042932][T12109]  direct_splice_actor+0x126/0x1a0
[  276.048093][T12109]  splice_direct_to_actor+0x369/0x970
[  276.053475][T12109]  ? generic_pipe_buf_nosteal+0x10/0x10
[  276.059027][T12109]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  276.065280][T12109]  ? do_splice_to+0x190/0x190
[  276.069963][T12109]  ? rw_verify_area+0x118/0x360
[  276.074836][T12109]  do_splice_direct+0x1da/0x2a0
[  276.079711][T12109]  ? splice_direct_to_actor+0x970/0x970
[  276.085673][T12109]  ? rw_verify_area+0x118/0x360
[  276.090543][T12109]  do_sendfile+0x597/0xd00
[  276.094980][T12109]  ? do_compat_pwritev64+0x1c0/0x1c0
[  276.100291][T12109]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  276.106549][T12109]  ? _copy_from_user+0xdd/0x150
[  276.106570][T12109]  __x64_sys_sendfile64+0x15a/0x220
[  276.106588][T12109]  ? __ia32_sys_sendfile+0x230/0x230
[  276.116736][T12109]  ? do_syscall_64+0x26/0x610
[  276.116755][T12109]  ? lockdep_hardirqs_on+0x418/0x5d0
18:25:29 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xe4ffffff, 0x2)

[  276.116776][T12109]  ? trace_hardirqs_on+0x67/0x230
[  276.132007][T12109]  do_syscall_64+0x103/0x610
[  276.141606][T12109]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.141619][T12109] RIP: 0033:0x457f29
[  276.141639][T12109] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  276.171265][T12109] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  276.179703][T12109] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  276.187847][T12109] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  276.195897][T12109] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  276.203868][T12109] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  276.211845][T12109] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
18:25:29 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:29 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4000000000000000, 0x2)

[  276.246554][T12109] Bluetooth: Can't register HCI device
18:25:29 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffc093d2390c65503cdde0aa268c512a485fa780653f8cc16c5599b4b913e0b198cc578e14157f66d72b4108821582c7d7552c30a8d8c0042dc1deb463011495ddb86346e900968241b04a43c1a832fc326d2e8bd32a092ad1ea3408c86ec5f09f8e78e3e70ef6ac642f102b8bddd66ef541fd1fb3f3c69598558b99de16414403e64f347caf753fb488dd19d39e8eb73caa5571696dd3"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:29 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xfeffffff, 0x2)

18:25:29 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xff0f, 0x2)

18:25:29 executing program 2 (fault-call:5 fault-nth:22):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:29 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4800000000000000, 0x2)

18:25:29 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

[  276.473386][T12140] FAULT_INJECTION: forcing a failure.
[  276.473386][T12140] name failslab, interval 1, probability 0, space 0, times 0
[  276.538416][T12140] CPU: 1 PID: 12140 Comm: syz-executor.2 Not tainted 5.0.0-next-20190306 #4
[  276.547911][T12140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  276.557975][T12140] Call Trace:
[  276.561290][T12140]  dump_stack+0x172/0x1f0
[  276.565643][T12140]  should_fail.cold+0xa/0x15
[  276.570255][T12140]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  276.570277][T12140]  ? ___might_sleep+0x163/0x280
[  276.570296][T12140]  __should_failslab+0x121/0x190
[  276.570312][T12140]  should_failslab+0x9/0x14
[  276.570328][T12140]  kmem_cache_alloc_trace+0x2d1/0x760
[  276.570345][T12140]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  276.570358][T12140]  ? refcount_inc_checked+0x2b/0x70
[  276.570379][T12140]  device_add+0xfdc/0x18a0
[  276.570395][T12140]  ? device_initialize+0x440/0x440
[  276.570423][T12140]  ? get_device_parent.isra.0+0x570/0x570
[  276.581068][T12140]  ? start_creating+0x163/0x1e0
[  276.581086][T12140]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  276.581107][T12140]  hci_register_dev+0x2e8/0x860
18:25:29 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aa5, 0x2)

18:25:29 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xffffff7f, 0x2)

[  276.581129][T12140]  __vhci_create_device+0x2d0/0x5a0
[  276.581147][T12140]  vhci_write+0x2d0/0x470
[  276.581165][T12140]  new_sync_write+0x4c7/0x760
[  276.581183][T12140]  ? default_llseek+0x2e0/0x2e0
[  276.581200][T12140]  ? copy_page_to_iter+0x4e7/0xd60
[  276.581225][T12140]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  276.669007][T12140]  ? put_page+0xce/0x130
[  276.669048][T12140]  __vfs_write+0xe4/0x110
[  276.669068][T12140]  __kernel_write+0x110/0x3b0
[  276.669087][T12140]  write_pipe_buf+0x15d/0x1f0
[  276.669102][T12140]  ? aa_file_perm+0x432/0xeb0
[  276.669115][T12140]  ? do_splice_direct+0x2a0/0x2a0
[  276.669132][T12140]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  276.669146][T12140]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  276.669166][T12140]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  276.677725][T12140]  __splice_from_pipe+0x395/0x7d0
[  276.677741][T12140]  ? do_splice_direct+0x2a0/0x2a0
[  276.677763][T12140]  ? do_splice_direct+0x2a0/0x2a0
[  276.677779][T12140]  splice_from_pipe+0x108/0x170
[  276.677802][T12140]  ? splice_shrink_spd+0xd0/0xd0
[  276.677831][T12140]  default_file_splice_write+0x3c/0x90
[  276.746077][T12140]  ? generic_splice_sendpage+0x50/0x50
[  276.751649][T12140]  direct_splice_actor+0x126/0x1a0
[  276.756997][T12140]  splice_direct_to_actor+0x369/0x970
[  276.762480][T12140]  ? generic_pipe_buf_nosteal+0x10/0x10
[  276.768058][T12140]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  276.774482][T12140]  ? do_splice_to+0x190/0x190
[  276.779263][T12140]  ? rw_verify_area+0x118/0x360
[  276.784690][T12140]  do_splice_direct+0x1da/0x2a0
[  276.789557][T12140]  ? splice_direct_to_actor+0x970/0x970
[  276.795127][T12140]  ? rw_verify_area+0x118/0x360
[  276.799993][T12140]  do_sendfile+0x597/0xd00
[  276.804418][T12140]  ? do_compat_pwritev64+0x1c0/0x1c0
[  276.809706][T12140]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  276.816050][T12140]  ? _copy_from_user+0xdd/0x150
[  276.820915][T12140]  __x64_sys_sendfile64+0x15a/0x220
[  276.826121][T12140]  ? __ia32_sys_sendfile+0x230/0x230
[  276.831418][T12140]  ? do_syscall_64+0x26/0x610
[  276.836102][T12140]  ? lockdep_hardirqs_on+0x418/0x5d0
[  276.841400][T12140]  ? trace_hardirqs_on+0x67/0x230
[  276.846434][T12140]  do_syscall_64+0x103/0x610
[  276.851198][T12140]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  276.857086][T12140] RIP: 0033:0x457f29
[  276.860976][T12140] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  276.880589][T12140] RSP: 002b:00007f30489fdc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
18:25:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4c00000000000000, 0x2)

[  276.889501][T12140] RAX: ffffffffffffffda RBX: 00007f30489fdc90 RCX: 0000000000457f29
[  276.897479][T12140] RDX: 0000000020d83ff8 RSI: 0000000000000004 RDI: 0000000000000003
[  276.905461][T12140] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  276.913451][T12140] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f30489fe6d4
[  276.921441][T12140] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 0000000000000005
[  276.932749][T12140] Bluetooth: Can't register HCI device
18:25:30 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000040)=""/60)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x34, 0x32, 0xf, 0xb, 0x4, 0x1f, 0x4, 0x14e, 0xffffffffffffffff})

18:25:30 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aa6, 0x2)

18:25:30 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xffffffe4, 0x2)

18:25:30 executing program 2 (fault-call:5 fault-nth:23):
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:30 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aa7, 0x2)

18:25:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6000000000000000, 0x2)

18:25:30 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x101100, 0x0)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000040))
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r1)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="dbed6eafa0c7ad4d412ff77b132a6a2300a31ffb7a7892751d09ea1fe290"], 0x2)
sendfile(r1, r2, 0x0, 0x2)

18:25:30 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xfffffffe, 0x2)

18:25:30 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:30 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8), 0x2)

18:25:30 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000000))
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)

18:25:30 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aa8, 0x2)

18:25:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6800000000000000, 0x2)

18:25:30 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xffffffff000, 0x2)

18:25:30 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x2, 0x2)

18:25:30 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6087ffffffff, 0x2)

18:25:30 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000000)={0x3f, "979653395cb350a1b5f2d5fc854d84daf4588b0c4fa9a814c1f660d05e5db80e", 0x2, 0x1})
sendfile(r0, r1, 0x0, 0x2)

18:25:30 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x6c00000000000000, 0x2)

18:25:30 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aa9, 0x2)

18:25:31 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x3, 0x2)

18:25:31 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000))
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000300)='/dev/urandom\x00', 0x0, 0x0)
setgroups(0x1, &(0x7f0000000500)=[0x0])
getrandom(&(0x7f0000000180)=""/40, 0xffffffffffffff56, 0x2)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000800)=ANY=[@ANYBLOB="f8880653bdec229801000400000000000000a6000000a451ec34d6003fa00dbac3e3d61321071bf0a289eb00000000b1247108ba8a0817abf79fbdda6de1f61daf79d25b7d9846322602f9d6e905b30dc4b4be91b3108ec2c534e6a3199e81a5941675f3ef76377aac05888d96387313cffac2ce846526d966fd770c83b925199cc5cb"], 0x1)
ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000280)=0x1f)

18:25:31 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0xf0ffffff0f0000, 0x2)

18:25:31 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7400000000000000, 0x2)

18:25:31 executing program 4:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
getsockopt$bt_sco_SCO_OPTIONS(r1, 0x11, 0x1, &(0x7f0000000140)=""/77, &(0x7f00000001c0)=0x4d)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, 0x0, 0x2)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000000))

18:25:31 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aaa, 0x2)

18:25:31 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x4, 0x2)

[  277.964994][T12264] WARNING: CPU: 0 PID: 12264 at kernel/locking/lockdep.c:1024 lockdep_register_key+0x10d/0x490
[  277.975422][T12264] Kernel panic - not syncing: panic_on_warn set ...
[  277.982018][T12264] CPU: 0 PID: 12264 Comm: syz-executor.4 Not tainted 5.0.0-next-20190306 #4
[  277.990704][T12264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  278.001011][T12264] Call Trace:
[  278.004335][T12264]  dump_stack+0x172/0x1f0
[  278.008769][T12264]  ? lockdep_register_key+0xf0/0x490
[  278.011573][ T3876] kobject: 'loop3' (000000003bc6f028): kobject_uevent_env
[  278.014449][T12264]  panic+0x2cb/0x65c
[  278.014471][T12264]  ? __warn_printk+0xf3/0xf3
[  278.029635][ T3876] kobject: 'loop3' (000000003bc6f028): fill_kobj_path: path = '/devices/virtual/block/loop3'
[  278.030228][T12264]  ? lockdep_register_key+0x10d/0x490
[  278.045732][T12264]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  278.047953][ T3876] kobject: 'loop0' (000000006db176e4): kobject_uevent_env
[  278.051977][T12264]  ? __warn.cold+0x5/0x45
[  278.051993][T12264]  ? lockdep_register_key+0x10d/0x490
[  278.052007][T12264]  __warn.cold+0x20/0x45
[  278.052018][T12264]  ? find_held_lock+0x35/0x130
[  278.052029][T12264]  ? lockdep_register_key+0x10d/0x490
[  278.052054][T12264]  report_bug+0x263/0x2b0
[  278.052164][T12264]  do_error_trap+0x11b/0x200
[  278.069542][ T3876] kobject: 'loop0' (000000006db176e4): fill_kobj_path: path = '/devices/virtual/block/loop0'
[  278.073119][T12264]  do_invalid_op+0x37/0x50
[  278.073137][T12264]  ? lockdep_register_key+0x10d/0x490
[  278.073157][T12264]  invalid_op+0x14/0x20
[  278.082009][ T3876] kobject: 'loop1' (00000000d88bce74): kobject_uevent_env
[  278.083317][T12264] RIP: 0010:lockdep_register_key+0x10d/0x490
[  278.083337][T12264] Code: 75 23 e9 e5 01 00 00 48 89 da 48 c1 ea 03 42 80 3c 3a 00 0f 85 b1 02 00 00 48 8b 1b 48 85 db 0f 84 c7 01 00 00 4c 39 e3 75 dd <0f> 0b 48 c7 c0 b8 57 5e 89 48 ba 00 00 00 00 00 fc ff df 48 89 c1
[  278.087764][ T3876] kobject: 'loop1' (00000000d88bce74): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  278.092263][T12264] RSP: 0018:ffff8880529ef470 EFLAGS: 00010046
[  278.092283][T12264] RAX: dffffc0000000000 RBX: ffff88808b14c3d8 RCX: 1ffffffff12bcaf7
[  278.092306][T12264] RDX: 1ffffffff1467970 RSI: 0000000000000000 RDI: ffff888054382a3c
[  278.092325][T12264] RBP: ffff8880529ef4a0 R08: ffffffff8a33cb80 R09: ffffed100a53de83
[  278.092345][T12264] R10: ffffed100a53de82 R11: 0000000000000003 R12: ffff88808b14c3d8
[  278.177053][ T3876] kobject: 'loop2' (00000000151c1a29): kobject_uevent_env
[  278.181639][T12264] R13: 000000000000049c R14: 0000000000000286 R15: dffffc0000000000
[  278.181784][T12264]  alloc_workqueue+0x427/0xe70
[  278.181833][T12264]  ? workqueue_sysfs_register+0x3f0/0x3f0
[  278.181844][T12264]  ? __init_waitqueue_head+0x36/0x90
[  278.181855][T12264]  hci_register_dev+0x209/0x860
[  278.181866][T12264]  __vhci_create_device+0x2d0/0x5a0
[  278.181873][T12264]  vhci_write+0x2d0/0x470
[  278.181883][T12264]  new_sync_write+0x4c7/0x760
[  278.181891][T12264]  ? default_llseek+0x2e0/0x2e0
[  278.181900][T12264]  ? copy_page_to_iter+0x4e7/0xd60
[  278.181910][T12264]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
18:25:31 executing program 2:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x5, 0x2)

18:25:31 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x100000000000000, 0x2)

18:25:31 executing program 0:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x10aab, 0x2)

18:25:31 executing program 3:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x7a00000000000000, 0x2)

[  278.181918][T12264]  ? put_page+0xce/0x130
[  278.181927][T12264]  __vfs_write+0xe4/0x110
[  278.181935][T12264]  __kernel_write+0x110/0x3b0
[  278.181944][T12264]  write_pipe_buf+0x15d/0x1f0
[  278.181953][T12264]  ? aa_file_perm+0x432/0xeb0
[  278.181960][T12264]  ? do_splice_direct+0x2a0/0x2a0
[  278.181967][T12264]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  278.181974][T12264]  ? splice_from_pipe_next.part.0+0x255/0x2f0
[  278.181981][T12264]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  278.181993][T12264]  __splice_from_pipe+0x395/0x7d0
18:25:31 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x200000000000000, 0x2)

[  278.182000][T12264]  ? do_splice_direct+0x2a0/0x2a0
[  278.182008][T12264]  ? do_splice_direct+0x2a0/0x2a0
[  278.182014][T12264]  splice_from_pipe+0x108/0x170
[  278.182022][T12264]  ? splice_shrink_spd+0xd0/0xd0
[  278.182032][T12264]  default_file_splice_write+0x3c/0x90
[  278.182056][T12264]  ? generic_splice_sendpage+0x50/0x50
[  278.182069][T12264]  direct_splice_actor+0x126/0x1a0
[  278.182082][T12264]  splice_direct_to_actor+0x369/0x970
[  278.182094][T12264]  ? generic_pipe_buf_nosteal+0x10/0x10
[  278.182116][T12264]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  278.192536][ T3876] kobject: 'loop2' (00000000151c1a29): fill_kobj_path: path = '/devices/virtual/block/loop2'
[  278.198092][T12264]  ? do_splice_to+0x190/0x190
[  278.198110][T12264]  ? rw_verify_area+0x118/0x360
[  278.198124][T12264]  do_splice_direct+0x1da/0x2a0
[  278.198144][T12264]  ? splice_direct_to_actor+0x970/0x970
[  278.342605][ T3876] kobject: 'loop1' (00000000d88bce74): kobject_uevent_env
[  278.346575][T12264]  ? rw_verify_area+0x118/0x360
18:25:31 executing program 1:
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
close(r0)
openat$vhci(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vhci\x00', 0x6)
r1 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
write$P9_RLERRORu(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="ffc0"], 0x2)
sendfile(r0, r1, &(0x7f0000d83ff8)=0x204000000000000, 0x2)

[  278.357421][ T3876] kobject: 'loop1' (00000000d88bce74): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  278.362597][T12264]  do_sendfile+0x597/0xd00
[  278.362618][T12264]  ? do_compat_pwritev64+0x1c0/0x1c0
[  278.362634][T12264]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  278.362719][T12264]  ? put_timespec64+0xda/0x140
[  278.362739][T12264]  __x64_sys_sendfile64+0x1dd/0x220
[  278.447386][T12264]  ? __ia32_sys_sendfile+0x230/0x230
[  278.452703][T12264]  ? do_syscall_64+0x26/0x610
[  278.457396][T12264]  ? lockdep_hardirqs_on+0x418/0x5d0
[  278.462684][T12264]  ? trace_hardirqs_on+0x67/0x230
[  278.467727][T12264]  do_syscall_64+0x103/0x610
[  278.472408][T12264]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  278.478311][T12264] RIP: 0033:0x457f29
[  278.482214][T12264] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  278.502610][T12264] RSP: 002b:00007f7ce6deec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  278.511030][T12264] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457f29
[  278.519094][T12264] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000005
[  278.527158][T12264] RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
[  278.535130][T12264] R10: 0000000000000002 R11: 0000000000000246 R12: 00007f7ce6def6d4
[  278.543109][T12264] R13: 00000000004c4ece R14: 00000000004d8bf8 R15: 00000000ffffffff
[  279.722129][T12264] Shutting down cpus with NMI
[  279.727758][T12264] Kernel Offset: disabled
[  279.732079][T12264] Rebooting in 86400 seconds..