[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[   17.934173] random: sshd: uninitialized urandom read (32 bytes read)
[?25l[?1c7[ ok 8[?25h[?0c.

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   19.163274] random: sshd: uninitialized urandom read (32 bytes read)
[   19.527477] random: sshd: uninitialized urandom read (32 bytes read)
[   20.345361] random: sshd: uninitialized urandom read (32 bytes read)
Warning: Permanently added '10.128.0.17' (ECDSA) to the list of known hosts.
[   25.782869] random: sshd: uninitialized urandom read (32 bytes read)
2018/08/01 12:10:31 fuzzer started
[   27.208629] random: cc1: uninitialized urandom read (8 bytes read)
2018/08/01 12:10:34 dialing manager at 10.128.0.26:46293
2018/08/01 12:10:38 syscalls: 1808
2018/08/01 12:10:38 code coverage: enabled
2018/08/01 12:10:38 comparison tracing: enabled
2018/08/01 12:10:38 setuid sandbox: enabled
2018/08/01 12:10:38 namespace sandbox: enabled
2018/08/01 12:10:38 fault injection: enabled
2018/08/01 12:10:38 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2018/08/01 12:10:38 net packed injection: enabled
2018/08/01 12:10:38 net device setup: enabled
[   41.509320] random: crng init done
12:11:51 executing program 0:

12:11:51 executing program 2:

12:11:51 executing program 7:

12:11:51 executing program 3:

12:11:51 executing program 4:
r0 = socket$inet6_sctp(0xa, 0x8000000000000001, 0x84)
sendmsg$inet_sctp(r0, &(0x7f00000007c0)={&(0x7f0000000180)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000640), 0x80, &(0x7f0000000240)=[@prinfo={0x18, 0x84, 0x7, {0x30}}], 0x18}, 0x0)

12:11:51 executing program 6:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8949fb6452d04820cbd4a17ecbd8ebb13369dcf89a41c071248e2f959af3e38699641059c3737e5e570919ecefe5b53deecd00fbf71f831a21c7c215c1743cbcc750781ef617bfaf32d72b9bba588ad05b22b3f6990afbfd27d8f32990ef3445c569178f2c63fd47c549ccb433589bbad152c590eefbc349b8c6e6a5", 0x7c)

12:11:51 executing program 5:
r0 = socket$inet6(0xa, 0x1000000000002, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000280)="025c3f0a00145f8f764070")
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0xfffffffffffffffc}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @dev, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote, @local, {[], @udp={0x0, 0x4e20, 0x8}}}}}}, &(0x7f0000000040))

12:11:51 executing program 1:

[  105.324760] IPVS: ftp: loaded support on port[0] = 21
[  105.326299] IPVS: ftp: loaded support on port[0] = 21
[  105.354003] IPVS: ftp: loaded support on port[0] = 21
[  105.370049] IPVS: ftp: loaded support on port[0] = 21
[  105.381580] IPVS: ftp: loaded support on port[0] = 21
[  105.383169] IPVS: ftp: loaded support on port[0] = 21
[  105.413486] IPVS: ftp: loaded support on port[0] = 21
[  105.424278] IPVS: ftp: loaded support on port[0] = 21
[  107.057899] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.064305] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.076779] device bridge_slave_0 entered promiscuous mode
[  107.095615] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.102055] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.116557] device bridge_slave_0 entered promiscuous mode
[  107.124532] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.130929] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.140764] device bridge_slave_0 entered promiscuous mode
[  107.150937] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.157319] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.178215] device bridge_slave_0 entered promiscuous mode
[  107.189332] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.195750] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.203237] device bridge_slave_0 entered promiscuous mode
[  107.214569] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.220952] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.228394] device bridge_slave_1 entered promiscuous mode
[  107.236732] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.243110] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.257092] device bridge_slave_0 entered promiscuous mode
[  107.265420] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.271797] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.279490] device bridge_slave_1 entered promiscuous mode
[  107.287806] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.294361] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.302200] device bridge_slave_0 entered promiscuous mode
[  107.310279] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.316638] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.327805] device bridge_slave_1 entered promiscuous mode
[  107.337176] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.343550] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.353985] device bridge_slave_1 entered promiscuous mode
[  107.361690] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.368132] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.378402] device bridge_slave_1 entered promiscuous mode
[  107.386370] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.393664] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.400031] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.407356] device bridge_slave_0 entered promiscuous mode
[  107.425061] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.431461] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.438712] device bridge_slave_1 entered promiscuous mode
[  107.446551] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.453790] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.460170] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.467372] device bridge_slave_1 entered promiscuous mode
[  107.474965] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.483497] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.490790] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.498211] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.506448] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.512817] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.548341] device bridge_slave_1 entered promiscuous mode
[  107.570849] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.580713] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.595088] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.606381] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.614176] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.622134] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.675602] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  107.717500] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.728001] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.815233] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  107.872866] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  107.892029] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  107.907203] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  107.931560] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  107.961124] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  108.007574] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.023033] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  108.042191] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.053650] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.062636] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  108.073001] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.084595] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.141193] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.176770] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  108.187033] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.285547] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  108.513294] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.522096] team0: Port device team_slave_0 added
[  108.561337] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.583959] team0: Port device team_slave_0 added
[  108.611616] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.624630] team0: Port device team_slave_0 added
[  108.632398] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.640773] team0: Port device team_slave_0 added
[  108.648583] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.667862] team0: Port device team_slave_0 added
[  108.675054] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.689753] team0: Port device team_slave_1 added
[  108.698490] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.706040] team0: Port device team_slave_0 added
[  108.724482] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.732878] team0: Port device team_slave_0 added
[  108.739816] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.756907] team0: Port device team_slave_1 added
[  108.768487] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.780058] team0: Port device team_slave_1 added
[  108.791123] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.803872] team0: Port device team_slave_1 added
[  108.810296] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.823119] team0: Port device team_slave_1 added
[  108.830176] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.840144] team0: Port device team_slave_1 added
[  108.846277] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  108.858626] team0: Port device team_slave_1 added
[  108.866772] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.873615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  108.885774] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  108.909005] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.916004] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  108.928237] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  108.937101] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.945746] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.953976] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.963607] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  108.971991] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  108.979521] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  108.988788] team0: Port device team_slave_0 added
[  109.019785] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.034505] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.047866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.055623] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.062958] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.070535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.077840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.085410] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.092699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.100266] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.107757] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
[  109.114685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  109.123467] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.133634] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.142086] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.151604] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.160114] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.168961] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.179240] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.186409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.202430] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.228327] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.242168] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.249574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.257181] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.264494] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.272042] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.279469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.287076] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.294754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.302274] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.309806] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  109.316990] team0: Port device team_slave_1 added
[  109.324786] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.333731] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.342494] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.349878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.369058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.387648] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.401821] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.410332] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.417965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.425778] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.432961] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.441182] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.451633] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.458931] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.467228] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.476417] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.484883] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.495517] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.506675] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.538766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.567408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.576304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.584860] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.592559] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.600045] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  109.607691] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.615449] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.623165] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.630894] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.638524] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.646220] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.657525] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.674855] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.693638] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.703001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.716813] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.748189] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.756220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.764031] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.771749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.779809] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
[  109.786703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  109.794917] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  109.806576] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.813711] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  109.826754] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  109.906454] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
[  109.913756] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  109.926147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  109.954738] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
[  109.980367] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  110.001143] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  110.684484] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.690890] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.697558] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.703936] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.726727] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  110.733792] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  110.745810] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.752195] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.758861] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.765278] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.775063] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  110.795479] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.801872] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.808512] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.814876] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.849995] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  110.864843] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.871277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.877911] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.884294] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.914776] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  110.922563] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.928952] bridge0: port 2(bridge_slave_1) entered forwarding state
[  110.935578] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.941947] bridge0: port 1(bridge_slave_0) entered forwarding state
[  110.949443] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  110.990151] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.996599] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.003266] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.009639] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.048473] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  111.159213] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.165630] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.172294] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.178667] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.197817] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  111.224220] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.230688] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.237350] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.243717] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.273438] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  111.736601] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.750077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.778037] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.785198] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.792663] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.799780] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.806972] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  114.678145] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.712096] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.823108] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.928840] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.975450] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.037342] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.075861] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.099349] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.170499] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.224851] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.344540] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.350772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.365813] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.383611] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.393172] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.433346] 8021q: adding VLAN 0 to HW filter on device bond0
[  115.477468] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.485348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.492960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.527734] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.592884] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.599104] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.608787] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.624886] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.739845] 8021q: adding VLAN 0 to HW filter on device team0
[  115.804058] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.810279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.817438] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.838110] 8021q: adding VLAN 0 to HW filter on device team0
[  115.853679] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.861234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  115.873415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  115.895527] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  115.924875] 8021q: adding VLAN 0 to HW filter on device team0
[  115.985051] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  115.991278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.004679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.068635] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  116.074931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.084810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.208437] 8021q: adding VLAN 0 to HW filter on device team0
[  116.234469] 8021q: adding VLAN 0 to HW filter on device team0
[  116.280816] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  116.287393] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  116.300721] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  116.427491] 8021q: adding VLAN 0 to HW filter on device team0
[  116.495647] 8021q: adding VLAN 0 to HW filter on device team0
[  116.714912] 8021q: adding VLAN 0 to HW filter on device team0
12:12:04 executing program 1:
syz_emit_ethernet(0x2c, &(0x7f00000000c0)={@broadcast, @random="651ba96b2aaf", [], {@ipx={0x806, {0xffff, 0x1e, 0x0, 0x0, {@random, @random="ce4431c87397"}, {@broadcast, @broadcast}}}}}, &(0x7f0000000180))

12:12:04 executing program 6:

12:12:04 executing program 1:

12:12:04 executing program 6:

12:12:04 executing program 7:

12:12:04 executing program 1:

12:12:04 executing program 7:

12:12:04 executing program 6:

12:12:04 executing program 0:

12:12:04 executing program 1:

12:12:04 executing program 7:

[  118.649107] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
12:12:04 executing program 3:
capset(&(0x7f0000000040)={0x19980330}, &(0x7f00000000c0))
keyctl$invalidate(0x15, 0x0)

12:12:04 executing program 6:

12:12:04 executing program 2:

12:12:04 executing program 7:

12:12:04 executing program 0:

12:12:04 executing program 1:

12:12:04 executing program 4:

12:12:04 executing program 5:
r0 = getpid()
sched_setaffinity(r0, 0x6, &(0x7f0000000080)=0xb4a2)
nanosleep(&(0x7f0000000000)={0x77359400}, &(0x7f00000001c0))
nanosleep(&(0x7f0000000380)={0x0, 0x1c9c380}, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00001e0000/0x3000)=nil, 0x3000, 0x0, 0x0, 0xfffffffffffffffe)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x0, 0x0)

12:12:04 executing program 0:
syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000001a80), 0x0, &(0x7f0000001b40)={[{@quota_quantum={'quota_quantum', 0x3d, 0x4}}]})

12:12:04 executing program 7:
prlimit64(0x0, 0x0, &(0x7f0000000040), &(0x7f0000000080))
clone(0x0, &(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380))

12:12:04 executing program 4:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x28, &(0x7f00000000c0)={0x0, 'ip6gretap0\x00', 0x3}, 0x18)

12:12:04 executing program 2:
r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x1, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000480)={0x53, 0x0, 0x11, 0x0, @scatter, &(0x7f0000000380)="e1de1cadf53c0e9f0a8fbda77221551805", &(0x7f0000000400)=""/10, 0x0, 0x0, 0x0, &(0x7f0000000440)})

12:12:04 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)

12:12:04 executing program 6:
r0 = socket$l2tp(0x18, 0x1, 0x1)
listen(r0, 0x0)

12:12:04 executing program 3:
r0 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x80, 0x0, 0x3}, 0xe1)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req={0x80, 0x0, 0x3}, 0xe1)
sendto$inet6(r1, &(0x7f00000003c0), 0x101d0, 0x0, 0x0, 0x3a5)

12:12:04 executing program 4:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x10000000003, 0x6)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000002c0))

[  118.777370] capability: warning: `syz-executor3' uses 32-bit capabilities (legacy support in use)
[  118.805529] mmap: syz-executor5 (6452) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  118.870591] gfs2: not a GFS2 filesystem
12:12:04 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x1000000000000a, 0x80000000001, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000002a80)={&(0x7f0000000040), 0xc, &(0x7f0000002a40)={&(0x7f00000003c0)=@setlink={0x2c, 0x13, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_VFINFO_LIST={0xc, 0x16, [{0x8, 0x1, [@generic='|']}]}]}, 0x2c}}, 0x0)

12:12:04 executing program 6:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000040)="295ee1311f")
listen(0xffffffffffffffff, 0x0)
tkill(r0, 0x1000000000016)

12:12:04 executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x1a, &(0x7f0000000080), 0x0)

12:12:04 executing program 3:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"6e72300100", 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f00000000c0)=ANY=[@ANYBLOB="0000001a"])

12:12:04 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:04 executing program 4:
openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000400))
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f00004c0000)={0xa, 0x0, 0x0, @ipv4}, 0x1c)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x0, 0x0)
unshare(0x2000400)
pselect6(0x1ff, &(0x7f0000f33fc0)={0x3ffffd, 0x0, 0x0, 0x0, 0x80}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000a65ff8), 0x8})

12:12:04 executing program 1:
syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
unshare(0x60000000)

[  118.993758] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'.
[  119.048869] netlink: 4 bytes leftover after parsing attributes in process `syz-executor7'.
[  119.062337] IPVS: ftp: loaded support on port[0] = 21
[  119.172085] IPVS: ftp: loaded support on port[0] = 21
12:12:05 executing program 5:
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f00000000c0)={0x0, <r1=>0x0})
getgroups(0x2, &(0x7f0000000080)=[0xee00, <r2=>0xee00])
setresgid(r2, 0x0, 0x0)
ptrace$setopts(0x4206, r1, 0x0, 0x0)

12:12:05 executing program 2:
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x10000001, 0x32, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8))
syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019000)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1})
r1 = gettid()
syz_open_dev$evdev(&(0x7f0000012fee)='/dev/input/event#\x00', 0x0, 0x0)
tkill(r1, 0x7)

12:12:05 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:05 executing program 3:
r0 = open(&(0x7f0000000040)='./bus\x00', 0x100300c0, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
capget(&(0x7f0000000240)={0x19980330}, &(0x7f0000003840))

12:12:05 executing program 6:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
syz_mount_image$minix(&(0x7f0000000980)='minix\x00', &(0x7f00000009c0)='./file0\x00', 0x0, 0x0, &(0x7f0000001c80), 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001d00)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0)='9p\x00', 0x0, &(0x7f0000002100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

12:12:05 executing program 7:
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6100)
kexec_load(0x0, 0x0, &(0x7f0000001740), 0x0)
ftruncate(r0, 0x1000)
lseek(r0, 0x0, 0x2)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x141042, 0x40)
mknod(&(0x7f0000000040)='./bus\x00', 0xf000, 0x3)
fstat(r0, &(0x7f0000000180))
getgroups(0x2, &(0x7f0000000200)=[0x0, 0xffffffffffffffff])
fchownat(r1, &(0x7f0000000140)='./bus\x00', 0x0, 0x0, 0x800)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
sendfile(r0, r2, &(0x7f0000d83ff8), 0x8000fffffffe)
ftruncate(r1, 0x0)

12:12:05 executing program 1:
r0 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x20000003)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r2 = accept4(r0, &(0x7f00004d4000)=@nl=@proc, &(0x7f0000047ffc)=0xc, 0x0)
poll(&(0x7f0000000040)=[{r2}], 0x1, 0xffff)
connect(r2, &(0x7f00007a8000)=@generic={0x0, "8c36b043d081c3c1503af6a768406b9267f60ac286da2338bd8e3f6ba990189977170a0705ea90c13e26ba0b966b9b9d3289c8784f16963ce7c312649ce2996cd4e7126f704ab2546e516d216ed2fb7a95ff906185874a2d44029a01f46a380e73c5477efe9e01548612afd6c667be500d748038f499a492ef8fe4e62653"}, 0x80)

12:12:05 executing program 4:
r0 = perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getegid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000300)={{{@in=@remote, @in6=@loopback}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in6=@mcast2}}, &(0x7f0000000400)=0xe8)
io_setup(0xb729, &(0x7f0000000640))
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000780)='/dev/vga_arbiter\x00', 0x0, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f00000004c0))
syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000d00)={{{@in=@rand_addr, @in6=@mcast1}}, {{@in6=@mcast2}, 0x0, @in=@broadcast}}, &(0x7f0000000e00)=0xe8)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(0xffffffffffffffff, 0x8008ae9d, &(0x7f0000000580)=""/174)
write$RDMA_USER_CM_CMD_BIND_IP(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @dev}}}, 0x30)

12:12:05 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x7, 0x4, 0x40, 0x2722}, 0x2c)

12:12:05 executing program 4:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0)
madvise(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x3)

12:12:05 executing program 5:
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000001000), &(0x7f0000001000)='\x00', 0x1, 0xffffffffffffffff)

[  119.705136] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop6.
12:12:05 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:05 executing program 1:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x1)

[  119.766843] 9pnet: Insufficient options for proto=fd
12:12:05 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000240))
accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000500)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="d179f20600000000001c14b1048c5b1bd2e7fcd330451c64b8614fcff9671a5cf54ab025", 0x24)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000001480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
dup2(r1, r0)
recvmsg(r0, &(0x7f0000000380)={&(0x7f0000000280)=@sco, 0x80, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1, &(0x7f0000001400)=""/6, 0x6}, 0x0)

12:12:05 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x800000000032, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000001140)={'filter\x00'}, &(0x7f00000000c0)=0x54)

12:12:05 executing program 5:
syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4032, 0x0, @local, @dev, {[@timestamp={0x4, 0x40, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}, {[@multicast1]}, {[@dev]}]}]}}}}}}}, &(0x7f0000000000))

12:12:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'aead\x00', 0x0, 0x0, 'echainiv(morus640)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000140)="a384a1ca03e7c2e2edcf0aac31f7c6a956153a72490493c720f5a0ff8365d75e", 0x20}], 0x1, &(0x7f0000000100)}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000001280), 0x40003cf, 0x0, &(0x7f0000000340)={0x77359400})

12:12:05 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000040)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
r1 = getpid()
sched_setattr(r1, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000340)={0xc1, @time})
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000540))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fdbff0)='/dev/sequencer2\x00', 0x0, 0x0)

[  119.838782] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop6.
12:12:05 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:05 executing program 6:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x6101)
write$binfmt_aout(r1, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13e}, "", [[], []]}, 0x220)
truncate(&(0x7f00000000c0)='./bus\x00', 0xa00)
ftruncate(r1, 0x3c7)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, &(0x7f0000000040), 0x8000fffffffe)

12:12:05 executing program 5:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0xa, 0x3, 0x10)
setsockopt$netlink_NETLINK_RX_RING(r0, 0x29, 0x22, &(0x7f0000000000)={0x0, 0x20000}, 0x10)

12:12:06 executing program 7:
prctl$intptr(0x1, 0x58)

12:12:06 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:06 executing program 4:
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={<r0=>0x0}, &(0x7f0000000480)=0xc)
r1 = syz_open_procfs(r0, &(0x7f0000000340)="6dbf3b61705f66696c65")
fchdir(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000001dc0)={0x0, 0xbd63, 0x8})
r3 = perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x839)
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
sendfile(r2, r3, &(0x7f0000000300), 0x8)
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x86)
fchdir(r4)
r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
syz_mount_image$gfs2(&(0x7f0000000580)='gfs2\x00', &(0x7f00000005c0)='./bus\x00', 0x100000001, 0x1, &(0x7f0000000500)=[{&(0x7f0000000380)="915d9d8394a8b46c378bd3bd7ccc57cfd9df17160f794b7e9c1a3d0e5695d76065a2f97db24dc3767626822a7651a0913422", 0x32, 0x400000}], 0x80003, &(0x7f0000000540))
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)}}, 0x20)
sendfile(r5, r5, &(0x7f00000000c0), 0x8080fffffffe)

12:12:06 executing program 6:
syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000740), 0x0, &(0x7f0000000840)={[{@codepage={'codepage', 0x3d, 'iso8859-4'}}, {@codepage={'codepage', 0x3d, 'cp862'}}]})

12:12:06 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2, @loopback}, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f00003fdff5)={@multicast2, @loopback, @rand_addr}, 0xc)
dup2(r1, r0)

12:12:06 executing program 1:
add_key(&(0x7f0000000300)="6173796d6d65747269630000be3a8a3a9e389d6de516feae1218931b7f62f1989e779cb3e199015e6f224dc786b78b696462c7dec58cd05fa42773a4af0a703d63e19620fd165b5d862e2635059c401152746037a51f9d035dcf4197d265f6f5d246b14212db69e767574420fb11a7308eb293967dbd5a729bb8c6833a854e2036d4e9270fef4cef270638e56c144263ecf69038c96c9d38f68668c21513e19c1311eea8ee94c59609987d033ca3c8ad624dbc5c8958aaa4e9158c5850c6228a22d0adaabe8bb566c069babaa64e30af6d878c", &(0x7f0000000140), &(0x7f0000000000)="3080", 0x2, 0xfffffffffffffffd)

12:12:06 executing program 2:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sched_getscheduler(0x0)
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
statfs(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=""/39)

12:12:06 executing program 3:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f0000bcf000), 0x4)

12:12:06 executing program 7:
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x7, &(0x7f0000002000)={0x1})
unshare(0x400)
fcntl$lock(r1, 0x7, &(0x7f0000010000))
dup3(r0, r1, 0x0)

[  120.529280] syz-executor7 (6534) used greatest stack depth: 15472 bytes left
12:12:06 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0)
ftruncate(r0, 0x280080)
sendfile(r0, r0, &(0x7f0000d83ff8), 0x2008000fffffffe)
ftruncate(r0, 0x0)

12:12:06 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:06 executing program 5:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2, @loopback}, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f00003fdff5)={@multicast2, @loopback, @rand_addr}, 0xc)
dup2(r1, r0)

12:12:06 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00001bf000/0x3000)=nil, 0x3000, 0x0, 0x20000000000011, r0, 0x0)

[  120.597386] hfs: unable to change codepage
[  120.601696] hfs: unable to parse mount options
12:12:06 executing program 2:
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x15, &(0x7f0000000140), 0x10)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000e95fe0)={@remote}, 0x20)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000000c0)={'veth0_to_bridge\x00', &(0x7f0000000000)=@ethtool_coalesce={0x46}})
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0x4)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000e95fe0)={@remote={0xfe, 0x80, [], 0xffffffffffffffff}}, 0x20)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x140, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00')
sysfs$1(0x1, &(0x7f0000000080)='\x00')
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000100)=0x1)
fcntl$setown(r2, 0x8, 0x0)
preadv(r2, &(0x7f000055ff80)=[{&(0x7f00002f0f89)=""/204, 0xcc}], 0x1, 0x0)

12:12:06 executing program 7:
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000d81ff8)=0x101)
r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f0000000200)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000400)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x80045301, &(0x7f0000000140)={0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000]})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc0105303, &(0x7f00000002c0))
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x1000000000013)

[  120.667164] hfs: unable to change codepage
[  120.671545] hfs: unable to parse mount options
12:12:06 executing program 5:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000d08ff7)='/dev/sg#\x00', 0x0, 0x81)
gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000000000))
tkill(0x0, 0x0)
close(r0)

12:12:06 executing program 0:
r0 = socket(0x0, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:06 executing program 6:
r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, r0, 0x0)

12:12:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32=r1])
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12:12:06 executing program 1:
r0 = gettid()
rt_sigprocmask(0x0, &(0x7f0000024000)={0xfffffffffffffffe}, 0x0, 0x8)
timer_create(0x3, &(0x7f0000044000)={0x0, 0x14, 0x4, @tid=r0}, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000046fe0)={{}, {0x0, 0x9}}, &(0x7f0000000040))
timer_settime(0x0, 0xffffffffeffffffd, &(0x7f0000040fe0)={{}, {0x0, 0x9}}, &(0x7f0000000000))

12:12:06 executing program 3:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000004c0)=@broute={'broute\x00\x00d\x00', 0x20, 0x1, 0x3b8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001200], 0x0, &(0x7f0000000040), &(0x7f0000001200)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x755f4899, [{{{0x3, 0x0, 0x0, 'syz_tun\x00', 'bj\x00G\x00', 'veth0_to_team\x00', 'veth0\x00', @link_local, [], @empty, [], 0x2d8, 0x2d8, 0x328, [@bpf0={"6270660000000000000000000000000000000000000000000000000000000001", 0x210}, @cgroup0={'cgroup\x00', 0x8}]}}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x0, 'syz1\x00'}}}}]}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x1}]}, 0x430)

12:12:06 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x31)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1, 0xfffffffffffffffd, 0x33}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x90}}, 0xe8)
connect$inet6(r1, &(0x7f00000000c0), 0x1c)
ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070")
write$binfmt_misc(r1, &(0x7f0000000a80)={'syz1'}, 0x4)

12:12:06 executing program 0:
r0 = socket(0x10, 0x0, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:06 executing program 6:
r0 = socket(0x11, 0x100000803, 0x0)
getsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000140), &(0x7f0000000180)=0x4)

12:12:06 executing program 5:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184d00, &(0x7f0000000200)={0x0, 0x0, 0x0, r0})

[  120.921404] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000618)
[  120.928602] FAT-fs (loop4): Filesystem has been set read-only
[  120.934666] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000618)
[  120.950109] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 16)
[  120.959501] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000020)
12:12:06 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:06 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x800000018, &(0x7f0000001280)=0x800, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x800}]}, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f0000004900)=[{{&(0x7f00000012c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000001400)=[{&(0x7f0000001340)=""/158, 0x9e}], 0x1, &(0x7f0000004480)=""/42, 0x2a}}], 0x1, 0x0, &(0x7f0000004a80))
sendmsg(r0, &(0x7f0000001440)={&(0x7f0000000140)=@in6={0xa, 0x4e21}, 0x42f, &(0x7f0000001200), 0x322}, 0x8000)
sendmsg(r0, &(0x7f0000000200)={&(0x7f0000000080)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00000001c0), 0x23e, &(0x7f00000036c0)}, 0x0)

12:12:06 executing program 6:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00005cfff6)='/dev/cuse\x00', 0x0, 0x0)
pread64(r0, &(0x7f0000a4c000)=""/56, 0x38, 0x0)
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)

12:12:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x0)
socketpair$inet(0x2, 0x0, 0x0, &(0x7f0000000080))
eventfd(0x0)
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r2, 0x0, 0x2, r2})

[  121.001855] kernel msg: ebtables bug: please report to author: nentries does not equal the nr of entries in the chain
12:12:07 executing program 2:
syz_mount_image$hfs(&(0x7f0000000380)='hfs\x00', &(0x7f0000001480)='./file0\x00', 0x0, 0x0, &(0x7f0000001640), 0x0, &(0x7f0000000040)={[{@file_umask={'file_umask', 0x3d, 0xffffffff00000001}}]})

[  121.153226] hfs: file_umask requires a value
[  121.157789] hfs: unable to parse mount options
[  121.230965] hfs: file_umask requires a value
[  121.235458] hfs: unable to parse mount options
12:12:07 executing program 6:
syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x10001, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x3bffa, 0x0)
io_setup(0x5, &(0x7f0000000080)=<r1=>0x0)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYRES64], 0xfffffcd5)
io_submit(r1, 0x1, &(0x7f0000000400)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f00000002c0)="80", 0x1}])

12:12:07 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:07 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
seccomp(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{}]})

12:12:07 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002)
write$evdev(r0, &(0x7f0000e95000)=[{}, {}], 0x30)
write(r0, &(0x7f0000eaffa7)="dbef803e3d9f5de1e52055bb7c8a326fe46092b6682d9ad789c5d7acad0e771f13cecb59029b011ded54a09c41c6cfcfbcd743cc665c32af223d42438b496a0304891c88697ae707d4a70f330e6fe3a1c9c76f314ffab329", 0x58)
write$sndseq(r0, &(0x7f00006d9000)=[{}], 0x30)

12:12:07 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x8088000, &(0x7f0000000280), &(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000140))

12:12:07 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f0000000040)=0x1, 0x4)
write$binfmt_misc(r0, &(0x7f0000000280)=ANY=[], 0x0)
recvmsg(r1, &(0x7f0000000080)={&(0x7f0000000380)=@pppol2tp, 0x80, &(0x7f0000000780), 0x0, &(0x7f00000019c0)=""/222, 0xde}, 0x40000002)

12:12:07 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001200)={0x26, 'aead\x00', 0x0, 0x4, 'ccm_base(ctr(aes-aesni),sha224)\x00'}, 0x58)

12:12:07 executing program 2:
getgroups(0x3, &(0x7f00000001c0)=[0x0, 0xffffffffffffffff, 0xffffffffffffffff])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000), 0x0}, 0x20)
r0 = syz_open_procfs(0x0, &(0x7f0000001480)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75c01f0200f58d26d7a071fb35331ce39c5aeeff5083cf07dd46455c914d4aff1e7cf7ed57c0c2056f5ca933f03cbf82bd13534737339245d31b0041be6281d7e1b4b7099114c571872298dd7f2120e2b6fa2a2e2a2c9c6e0034750b7961fa2c1584c0b5a500ae0ac39bc76a78d9158266759f766a3e8c84c09cf35a214a200421dcbc4cb6ee55476d8ead8882947ffa1fb4c050727beb12c57e06ff59")
ioctl$SG_GET_NUM_WAITING(r0, 0xc0c0583b, &(0x7f0000000180))

12:12:07 executing program 0:
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:07 executing program 4:
r0 = socket(0x1f, 0x2000000000000005, 0x0)
bind$bt_rfcomm(r0, &(0x7f0000000040), 0x0)

12:12:07 executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f0000000780)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$KVM_IOEVENTFD(r0, 0x40286608, &(0x7f0000000080)={0x6000, &(0x7f00000000c0)})

12:12:07 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x29, 0x200000000000002, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f000031aff8))

[  121.688675] FAT-fs (loop6): Directory bread(block 128) failed
12:12:07 executing program 2:
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'bond_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000018c0)={&(0x7f00000002c0), 0xc, &(0x7f0000001880)={&(0x7f0000000000)=@setlink={0x20, 0x13, 0x105, 0x0, 0x0, {0x7, 0x0, 0x0, r1}}, 0x20}}, 0x0)

12:12:07 executing program 0:
socket(0x10, 0x2, 0xc)
write(0xffffffffffffffff, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f)

12:12:07 executing program 7:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
mount(&(0x7f0000000280)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='securityfs\x00', 0x0, &(0x7f0000000480))

12:12:07 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

[  121.743519] FAT-fs (loop6): Directory bread(block 129) failed
[  121.764319] EXT4-fs warning (device sda1): ext4_group_add:1636: No reserved GDT blocks, can't resize
[  121.784538] FAT-fs (loop6): Directory bread(block 130) failed
[  121.795446] FAT-fs (loop6): Directory bread(block 131) failed
[  121.803723] FAT-fs (loop6): Directory bread(block 132) failed
[  121.809746] FAT-fs (loop6): Directory bread(block 133) failed
[  121.815906] FAT-fs (loop6): Directory bread(block 134) failed
[  121.822087] FAT-fs (loop6): Directory bread(block 135) failed
[  121.828309] FAT-fs (loop6): Directory bread(block 136) failed
[  121.834334] FAT-fs (loop6): Directory bread(block 137) failed
[  122.242871] attempt to access beyond end of device
[  122.243169] attempt to access beyond end of device
[  122.248038] loop6: rw=2049, want=310, limit=128
[  122.248058] Buffer I/O error on dev loop6, logical block 309, lost async page write
[  122.253014] loop6: rw=2049, want=2154, limit=128
[  122.270311] attempt to access beyond end of device
[  122.275303] loop6: rw=2049, want=311, limit=128
[  122.279994] Buffer I/O error on dev loop6, logical block 310, lost async page write
[  122.288121] attempt to access beyond end of device
[  122.293091] loop6: rw=2049, want=312, limit=128
[  122.298008] Buffer I/O error on dev loop6, logical block 311, lost async page write
[  122.305864] attempt to access beyond end of device
[  122.310829] loop6: rw=2049, want=313, limit=128
[  122.315526] Buffer I/O error on dev loop6, logical block 312, lost async page write
[  122.323417] attempt to access beyond end of device
[  122.328376] loop6: rw=2049, want=326, limit=128
[  122.333093] Buffer I/O error on dev loop6, logical block 325, lost async page write
[  122.340926] attempt to access beyond end of device
[  122.345895] loop6: rw=2049, want=327, limit=128
[  122.350589] Buffer I/O error on dev loop6, logical block 326, lost async page write
[  122.358443] attempt to access beyond end of device
[  122.363386] loop6: rw=2049, want=328, limit=128
[  122.368086] Buffer I/O error on dev loop6, logical block 327, lost async page write
[  122.376058] attempt to access beyond end of device
[  122.381014] loop6: rw=2049, want=329, limit=128
[  122.385710] Buffer I/O error on dev loop6, logical block 328, lost async page write
12:12:08 executing program 6:
io_setup(0x2005, &(0x7f0000000000)=<r0=>0x0)
io_submit(r0, 0x0, &(0x7f0000000400))
mbind(&(0x7f0000126000/0x3000)=nil, 0x3321a8df32ee8487, 0x0, &(0x7f000016e000), 0x5, 0x4)

12:12:08 executing program 4:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0x21, &(0x7f0000000280)={@in={{0x2, 0x0, @multicast1}}, 0x0, 0x0, 0x0, "9f3bd165fb4d64d5d49973e8c5306bc461cec6c74e65ec4f6eef879609da0f30d6d5baf980266e3e2fe4e8a4dee60eb6840d7ebfa806b37d552f33b2bc8ace76e8bdaff44bd52d979b30a7a0153e7427"}, 0xd8)

12:12:08 executing program 2:
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
fcntl$setstatus(r0, 0x40e, 0x0)

12:12:08 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x3, &(0x7f0000000040)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0xffffff9f}}, &(0x7f0000003ff6)="47501e58", 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48)

12:12:08 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}, &(0x7f0000000080)=0x10)

12:12:08 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000), 0x0)

12:12:08 executing program 7:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x28, &(0x7f0000000280)}, 0x10)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dspn(&(0x7f0000e5bff6)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x800000c004500a, &(0x7f00000015c0))
readv(r0, &(0x7f0000000600)=[{&(0x7f0000001600)=""/4096, 0x1000}, {&(0x7f0000000100)=""/5, 0x5}], 0x2)

12:12:08 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

[  122.394501] attempt to access beyond end of device
[  122.399476] loop6: rw=2049, want=2153, limit=128
12:12:08 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000), 0x0)

12:12:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/zero\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000240)="ba4300b00bee0f017edaf02114650f1ea7f07f0f20e06635040000000f22e03e0fc72dbaf80c66b80fb2578d66efbafc0cb001ee0fc75ba2f40f3805800060"}], 0xaaaaaaaaaaaa84c, 0x0, &(0x7f0000000140), 0x10000000000000c5)
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12:12:08 executing program 3:
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setfsgid(r1)
setfsgid(r1)

12:12:08 executing program 2:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @dev}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xa4, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0xb)
sendto$inet(r0, &(0x7f00000002c0)='6', 0x1, 0x0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000013c0)='8', 0x1}], 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0xb)
sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0), 0x6)

12:12:08 executing program 1:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffffdffffffff, 0xffffffffffffffff, 0x0)
r0 = shmget$private(0x0, 0x2000, 0x120, &(0x7f0000ffe000/0x2000)=nil)
shmctl$IPC_STAT(r0, 0x2, &(0x7f0000000040)=""/237)

12:12:08 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:08 executing program 1:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000661000/0x18000)=nil, &(0x7f0000000340)=[@text32={0x20, &(0x7f0000000180)="8fc998960f2e0f0f6f0d9766ba420066ed66b813000f00d8c4e225457ac9b8002000000f23c80f21f835000020000f23f8c4e14dfed7f26565f3f0083d00800000f704da0000010067650f9c39", 0x4d}], 0x1, 0x0, &(0x7f0000000380), 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x44031, 0xffffffffffffffff, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000380000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000280)="2e0fc75a00260f22e366b9110300000f320f00535bb8cd0b8ec066b9ed08000066b8270eba9366bae36313680f30640f01f766b81e8200000f23c80f21f866350c0080000f23f86b8da90008652e360f01ca", 0x52}], 0x1, 0x0, &(0x7f00000000c0), 0x0)

12:12:08 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:08 executing program 6:
r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
getpgid(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000fcdfe8))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f000086c000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1})
read(r0, &(0x7f0000465f8e)=""/114, 0x13)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x2403, &(0x7f0000000180))
ioctl$RNDADDENTROPY(r2, 0x40082406, &(0x7f00000001c0))
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000100))
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000c22ff0)={&(0x7f000001d000/0xc00000)=nil, 0xc00000})

12:12:08 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000), 0x0)

12:12:08 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:08 executing program 4:
r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x200, 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

12:12:08 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:08 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

[  122.824597] syz-executor2 (6863) used greatest stack depth: 14528 bytes left
12:12:08 executing program 7:
timer_create(0x7, &(0x7f0000000040)={0x0, 0x31, 0x3, @thr={&(0x7f00000003c0)="71e56553ece12c96720ed34cbd4e65e967f82f3f12e15c46cba5e6a201504705a73aca33b9c6fa1f9b0994e81f7d14c6d3ada2ae09c34767487731adc81c707f1c4282458be1", &(0x7f00000008c0)="17195210182685abd2111abbf2e3118c211eab0c96e49d90feb6f7a7bdcfee5a3b706d2a94e8dcc98a9db5d3cb3fe06c9da98a51978e5ee22aa5a331afa498cb0ce66e3f81c5ebd8e60af66ffba136b96a5bb66ad53cb15e871cc4651cebb9a3168495dddef02ea953b421f51b755f6b0f668145946d2c4f8fca0e55e2ba3adb3b2f426fe643e6e323e72f70e54bb92381cbdaef4e535be0dfe9f7ede97169a68490e5f084f08402ff8194965a88f289076a76abbc491db378a79adf706d3c0258c95e09779dc09219f1148daa348d35ceb8bbddce095db9bda3a704"}}, &(0x7f0000000200))
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/cuse\x00', 0x10000, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f00000009c0)={'NETMAP\x00'}, &(0x7f0000000a00)=0x1e)
r2 = memfd_create(&(0x7f0000000140)="000400008c00000000000000000000", 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000001e80))
setsockopt$inet_dccp_buf(r2, 0x21, 0x0, &(0x7f00000007c0), 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000004c0)=<r4=>0x0)
io_cancel(r4, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x7552, r3, &(0x7f0000000500)="21427c5dc5c58f3029803ece6a6ef732dba030cc508f512935c459e8453977682eef4b54605fb8bfb6778cb03431d2704c87f65cd680c10d59c0fa8d16e100a74e540684d7f915bc029bd0a1644210c791d2586d9b6766c1ce7f1bc07a5d7d318a65a7c9c0537e8ae49b370c1ef2cb5fe11a32db764ca3f1774db24ec5a44388f0b4690387feedfd857cee3a92166e99ed6921fb09c362722215c78a179d6ca4bb3a7c88414a6a4fee83a6357f475a28dc4e3016f6cd13357b6094fab3a01a52838f5fa5a4f49b336d3126ca9d43678e6217ee120a638a9869ad3a88a6", 0xdd, 0x100, 0x0, 0x1, r2}, &(0x7f0000000640))
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000700)='/dev/snd/pcmC#D#p\x00', 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000380)=0x12, 0x4)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000440)=<r6=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000680)={{0x16, 0x0, 0x0, 0x0, 0x0, 0x18f}, 0x0, 0x2, 0x0, 0x3f, 0x80000000, 0x0, r6})
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81001)
clock_gettime(0x3, &(0x7f00000000c0))
syz_open_dev$sndtimer(&(0x7f0000000480)='/dev/snd/timer\x00', 0x0, 0x200)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
getsockopt$ARPT_SO_GET_ENTRIES(r5, 0x0, 0x61, &(0x7f0000001b00)=ANY=[@ANYBLOB="6669717465720000000000000000000000000000000000000000000000000000ba000000c5bc8a2eae6fecf325423b7c6d78241e393550bc6172d16171e001d6e3ebb68aa1b66637e5ec588fedff6c980500000000000000d903f0493e00bafa2fd26aee5be52d4b5deb29bc2cd655106e5d83a836a7cf3a99f587761c38d23de5bb2a48ee83b0773e23819d53cd64f59bcbad1384c0b5ba85e67f845e93738757d327da9ea651afbaee9f7e8dad436b206df990539e1b31fff71e9c2128ff5200e6e144fc17ec1e8c93dc6bc611b1551704a00c66575b86d34821b7ee92040073194f28a8a4d073baca142e67e82962c5ae51a00142396e6ffbe91eb902c990a4482c276d31eed274fc540be55942831cf1a71672df92d79bef1976fd30f07cb7ca5106024363bb341012c836ee97547d731edfc50188f554917cc3f61c540693cad28dd7acc6d456566568546215fd55"], &(0x7f0000000a40)=0x1)
sendfile(r0, r0, &(0x7f00000ddff8), 0x102000001)

12:12:08 executing program 5:
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={0xffffffffffffffff, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:08 executing program 2:
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x3cc0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000ee5000)={{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}}}, 0x5c)

12:12:08 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000", 0x10)

12:12:08 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:08 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:08 executing program 4:
r0 = perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000080)=""/220, 0xdc)
socket$inet6_udplite(0xa, 0x2, 0x88)

12:12:08 executing program 6:
r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
getpgid(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000fcdfe8))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f000086c000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1})
read(r0, &(0x7f0000465f8e)=""/114, 0x13)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x2403, &(0x7f0000000180))
ioctl$RNDADDENTROPY(r2, 0x40082406, &(0x7f00000001c0))
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000100))
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000c22ff0)={&(0x7f000001d000/0xc00000)=nil, 0xc00000})

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000080))

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000", 0x10)

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x0, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:09 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:09 executing program 7:
timer_create(0x7, &(0x7f0000000040)={0x0, 0x31, 0x3, @thr={&(0x7f00000003c0)="71e56553ece12c96720ed34cbd4e65e967f82f3f12e15c46cba5e6a201504705a73aca33b9c6fa1f9b0994e81f7d14c6d3ada2ae09c34767487731adc81c707f1c4282458be1", &(0x7f00000008c0)="17195210182685abd2111abbf2e3118c211eab0c96e49d90feb6f7a7bdcfee5a3b706d2a94e8dcc98a9db5d3cb3fe06c9da98a51978e5ee22aa5a331afa498cb0ce66e3f81c5ebd8e60af66ffba136b96a5bb66ad53cb15e871cc4651cebb9a3168495dddef02ea953b421f51b755f6b0f668145946d2c4f8fca0e55e2ba3adb3b2f426fe643e6e323e72f70e54bb92381cbdaef4e535be0dfe9f7ede97169a68490e5f084f08402ff8194965a88f289076a76abbc491db378a79adf706d3c0258c95e09779dc09219f1148daa348d35ceb8bbddce095db9bda3a704"}}, &(0x7f0000000200))
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/cuse\x00', 0x10000, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f00000009c0)={'NETMAP\x00'}, &(0x7f0000000a00)=0x1e)
r2 = memfd_create(&(0x7f0000000140)="000400008c00000000000000000000", 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000001e80))
setsockopt$inet_dccp_buf(r2, 0x21, 0x0, &(0x7f00000007c0), 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000004c0)=<r4=>0x0)
io_cancel(r4, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x7552, r3, &(0x7f0000000500)="21427c5dc5c58f3029803ece6a6ef732dba030cc508f512935c459e8453977682eef4b54605fb8bfb6778cb03431d2704c87f65cd680c10d59c0fa8d16e100a74e540684d7f915bc029bd0a1644210c791d2586d9b6766c1ce7f1bc07a5d7d318a65a7c9c0537e8ae49b370c1ef2cb5fe11a32db764ca3f1774db24ec5a44388f0b4690387feedfd857cee3a92166e99ed6921fb09c362722215c78a179d6ca4bb3a7c88414a6a4fee83a6357f475a28dc4e3016f6cd13357b6094fab3a01a52838f5fa5a4f49b336d3126ca9d43678e6217ee120a638a9869ad3a88a6", 0xdd, 0x100, 0x0, 0x1, r2}, &(0x7f0000000640))
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000700)='/dev/snd/pcmC#D#p\x00', 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000380)=0x12, 0x4)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000440)=<r6=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000680)={{0x16, 0x0, 0x0, 0x0, 0x0, 0x18f}, 0x0, 0x2, 0x0, 0x3f, 0x80000000, 0x0, r6})
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81001)
clock_gettime(0x3, &(0x7f00000000c0))
syz_open_dev$sndtimer(&(0x7f0000000480)='/dev/snd/timer\x00', 0x0, 0x200)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r2)
getsockopt$ARPT_SO_GET_ENTRIES(r5, 0x0, 0x61, &(0x7f0000001b00)=ANY=[@ANYBLOB="6669717465720000000000000000000000000000000000000000000000000000ba000000c5bc8a2eae6fecf325423b7c6d78241e393550bc6172d16171e001d6e3ebb68aa1b66637e5ec588fedff6c980500000000000000d903f0493e00bafa2fd26aee5be52d4b5deb29bc2cd655106e5d83a836a7cf3a99f587761c38d23de5bb2a48ee83b0773e23819d53cd64f59bcbad1384c0b5ba85e67f845e93738757d327da9ea651afbaee9f7e8dad436b206df990539e1b31fff71e9c2128ff5200e6e144fc17ec1e8c93dc6bc611b1551704a00c66575b86d34821b7ee92040073194f28a8a4d073baca142e67e82962c5ae51a00142396e6ffbe91eb902c990a4482c276d31eed274fc540be55942831cf1a71672df92d79bef1976fd30f07cb7ca5106024363bb341012c836ee97547d731edfc50188f554917cc3f61c540693cad28dd7acc6d456566568546215fd55"], &(0x7f0000000a40)=0x1)
sendfile(r0, r0, &(0x7f00000ddff8), 0x102000001)

12:12:09 executing program 2:
r0 = perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0xa)

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 6:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000500)={0x10000009, 0xffffffffffffffff})

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x0, &(0x7f00000000c0)=ANY=[], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:09 executing program 3:
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xefff)
lseek(0xffffffffffffffff, 0xe000, 0x4)

12:12:09 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000", 0x10)

12:12:09 executing program 2:
r0 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x10, &(0x7f0000000200)=""/132, &(0x7f00000002c0)=0x84)

12:12:09 executing program 4:
r0 = syz_open_dev$sndpcmc(&(0x7f0000004fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
ioctl(r0, 0xc0884113, &(0x7f0000001f64))

12:12:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff})
ioctl$TIOCGLCKTRMIOS(r1, 0x5412, &(0x7f0000000000)={0xffffffff})

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600", 0x18)

12:12:09 executing program 2:
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r1, 0x0, 0x0)
r2 = memfd_create(&(0x7f00000002c0)="73797374656d2c7de500", 0x0)
execveat(r2, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f0000000240), 0x1000)

12:12:09 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:09 executing program 4:
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000001440), 0x0, &(0x7f00000014c0)={[{@utf8='utf8'}]})

12:12:09 executing program 7:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
ioctl$TCSETSF(r0, 0x5100, &(0x7f0000000000))

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600", 0x18)

[  123.475008] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  123.494789] ntfs: (device loop4): parse_options(): Unrecognized mount option .
[  123.595667] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  123.615707] ntfs: (device loop4): parse_options(): Unrecognized mount option .
12:12:09 executing program 6:
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0x1, 0x10, &(0x7f0000000040)=0x5, 0x4)
connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
r1 = dup(r0)
sendmsg$kcm(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)}, 0x0)

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x2, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:09 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
r2 = dup3(r1, r0, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
geteuid()
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000400)={{0xa, 0x4e20, 0x0, @ipv4, 0x8}, {0xa, 0x4e22, 0x0, @mcast1}, 0xfffffffffffff5ef, [0x0, 0x1, 0x2, 0x28000, 0x0, 0x0, 0x0, 0xbc5]}, 0x5c)
ioctl$SNDRV_TIMER_IOCTL_TREAD(0xffffffffffffffff, 0x40045402, &(0x7f0000000480))
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000300)={{{@in=@multicast1, @in6=@local, 0x0, 0x0, 0x4e23, 0xffffffff, 0x0, 0x20, 0x80}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0xe02}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x7f}, 0xa, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xb71}}, 0xe8)
socketpair$packet(0x11, 0x0, 0x300, &(0x7f00000000c0))

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600", 0x18)

12:12:09 executing program 2:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x0, 0x1)
keyctl$read(0xb, 0x0, &(0x7f0000000340)=""/175, 0xaf)
keyctl$describe(0x10, 0x0, &(0x7f0000000700)=""/128, 0x80)

12:12:09 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d1", 0x1c)

12:12:09 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

[  123.826737] syz-executor4 (7048): Attempt to access syslog with CAP_SYS_ADMIN but no CAP_SYSLOG (deprecated).
12:12:09 executing program 6:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x7, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x1, &(0x7f0000527ff8), 0x2, 0x0)
mremap(&(0x7f00009c7000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000d37000/0x4000)=nil)
mbind(&(0x7f0000126000/0x3000)=nil, 0x3321a8df32ee8487, 0x0, &(0x7f000016e000), 0x5, 0x0)

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000000c0))
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12:12:09 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1000, 0x471)

12:12:09 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:09 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d1", 0x1c)

12:12:09 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f00000002c0)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)
sendto$inet6(r0, &(0x7f00004e8000), 0x0, 0x20000001, &(0x7f0000b63fe4)={0xa, 0x400000000004e22}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)="f80fbd5da1b3c0f09d3d94815745711bc76fe5db01b2fc2212e65d8952d0e6c6a78d9f733c0b2e6e682851541ccb5deb7457e151cc1b5b5f36b48923af79e3e31d74d21dc9276ec6f239daf8840b23b84d41ef4054d550e46cfccfc13cb3a98b0115acdeb9a444078b26402b41c98ab137b29323385056b60a526b3761a836df03793a0d70bc210cdffb72830619e25a176e9093cd2f7638c729ff1729c356aa239337240d338a81f3518edc86ef1b5c6cd42d1cb29af9759c30b7c23ffae4fecf251357f1393e3a0323f95bd74bbf0ef60ffaf5f145b6f799b8b78adeefd3fdd5e5c640aeef43a440e9ff23509a446d6fa8496d4d073d1b98352d9ad48c32cc08b80ddf39dd47ed07b16dc93e526db098de8a840c9c65cbdbae98c40da0ef48e76429d4a74a2b228bfba5ed2eaf754154621255f65595ffaa2d79c49efd77849986e5dc12189002f11145da3d56c1ce8cac370b43b3cee8e8071c44f54f94f17368586f53dbaf3be6e5aba47cccac708235c3d6f75e18d397fd167aee63522153e59d14fc28996fae0c2ee0a6c582146530547829808681f6f631ece598d63118a08a4550534ac8ad228c05182eb2fee2a304b6d27db943307578e78c68b2b3889abf3158ec7fd4603aa7a6b601769724e669c4a3dc74afaeba1ed37b00ec985b1553e3452de574312e12114412bbefa695ac9d613fe505421f835f8c3a17aa04f20be028c321f176205f7da29dd81393125e99b68832a2", 0x218, 0x8000, &(0x7f0000000000), 0x1c)
close(r0)

12:12:09 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:09 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x0, 0x0, 0xefff)
lseek(r0, 0xe000, 0x4)

12:12:09 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff00950000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:10 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:10 executing program 7:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xa, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
openat$vnet(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vhost-net\x00', 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000500)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$sndseq(&(0x7f0000000440)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = dup2(0xffffffffffffffff, r1)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
syz_mount_image$gfs2(&(0x7f0000000200)='gfs2\x00', &(0x7f0000000240)='./bus\x00', 0xf55f, 0x1, &(0x7f0000000480)=[{&(0x7f0000000280)="c3987b6c4234d58e16b3ab31afcfabec42178ba46962936fcb5270bb9ec1a9fc46", 0x21, 0x4}], 0x20000, &(0x7f0000000500)=ANY=[])
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@remote}, 0x0, @in6}}, &(0x7f0000000400)=0xe8)
bind(r0, &(0x7f0000000540)=@hci={0x1f, r3, 0x3}, 0x80)
r4 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x86)
fcntl$notify(r4, 0x402, 0x28)
fchdir(r4)
r5 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0xfffffffffffffff7)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x2}}, 0x20)
sendfile(r5, r5, &(0x7f00000000c0), 0x8080fffffffe)

12:12:10 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

[  124.059688] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
12:12:10 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff00950000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:10 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d1", 0x1c)

12:12:10 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0x0)
lseek(r0, 0xe000, 0x4)

12:12:10 executing program 2:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x42801, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18}, 0x20)
ioctl$int_in(r0, 0x80000000005001, &(0x7f00000000c0))

12:12:10 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:10 executing program 6:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000640)={&(0x7f00000000c0), 0xc, &(0x7f0000000600)={&(0x7f0000000580)=@ipv6_delroute={0x24, 0x19, 0xbfd8d01f91922877, 0x0, 0x0, {0xa, 0xa0}, [@RTA_IIF={0x8}]}, 0x24}}, 0x0)

12:12:10 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff0095000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:10 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200", 0x1e)

12:12:10 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:10 executing program 6:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x84042, 0x0)

12:12:10 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(0xffffffffffffffff, 0xe000, 0x4)

12:12:10 executing program 4:
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:10 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0x0, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:10 executing program 1:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:10 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0x0, 0x4)

12:12:10 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200", 0x1e)

12:12:10 executing program 4:
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:10 executing program 1:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:10 executing program 5:
bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={0xffffffffffffffff, 0x0, 0xe, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd43", &(0x7f0000000340)=""/4096}, 0x28)

12:12:11 executing program 2:
mkdir(&(0x7f0000000240)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x6, 0x3, &(0x7f0000346fc8), &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48)
unshare(0x28020400)
mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000080))
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000600)='./file0/file0\x00', r0}, 0x10)

12:12:11 executing program 7:
r0 = socket$inet6(0xa, 0x802, 0x0)
sendto$inet6(r0, &(0x7f0000adb000), 0x0, 0x0, &(0x7f0000809000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
bind$inet6(r0, &(0x7f0000000340)={0xa, 0x0, 0x0, @loopback}, 0x1c)

12:12:11 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:11 executing program 4:
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 0:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000000)="1f0000000109fffffd3b54c007110000f30501000b000600000010d10200", 0x1e)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:11 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0x0, 0x4)

12:12:11 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0x0, 0x1000, &(0x7f00000002c0), &(0x7f0000000340)=""/4096}, 0x28)

12:12:11 executing program 4:
capset(&(0x7f000043fff8), &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 7:
ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8910, &(0x7f0000000040))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000001340)='./file0\x00', 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x0, 0x0)
rmdir(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
open$dir(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x0)
fcntl$getownex(r0, 0x408, &(0x7f0000000000))

12:12:11 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0x0, 0x4)

12:12:11 executing program 0:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x10)

12:12:11 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0x7, 0x1000, &(0x7f00000002c0)="e79ce722714f35", &(0x7f0000000340)=""/4096}, 0x28)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:11 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:11 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x803ff, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80084503, &(0x7f0000000140)=""/230)

12:12:11 executing program 4:
capset(&(0x7f000043fff8), &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x0)

12:12:11 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xb, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef", &(0x7f0000000340)=""/4096}, 0x28)

12:12:11 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000002800000850000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0x4, &(0x7f0000000040)=@raw=[@map={0x18, 0x0, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x3b}], &(0x7f0000000140)='GPL\x00', 0x41, 0xffc4, &(0x7f00000004c0)=""/167}, 0x48)

12:12:11 executing program 7:
kexec_load(0x0, 0x1, &(0x7f00000024c0)=[{&(0x7f0000000100), 0x0, 0x0, 0x40000000000000}], 0x0)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

[  125.541479] 9pnet: Insufficient options for proto=fd
12:12:11 executing program 2:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4004af07, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000680)=""/55, &(0x7f0000000800)=""/71, &(0x7f00000004c0)=""/103})

12:12:11 executing program 4:
capset(&(0x7f000043fff8), &(0x7f0000000000)={0xffffffff, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 7:
r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xf6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x80011, r0, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040))

12:12:11 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:11 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x0)

12:12:11 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:11 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002f0000001700000000f4ff009500000000000000"], &(0x7f0000000200)="73797a6b616c6c65722c493d6c2b78db01beb8234b8301e2918b8b33e703f173263d15127d1c5309a0593d0f6dbe9cd5434619dfff6e61ba74ed3776315503f2d22b3ecd7a62819bc2345afd348344bed224a114267fd4cd1e55f8cf69c16cfffd3a4dc7721aacdfb55e39d507f86531752d2affc30318f5da65be34374a24f6", 0xfffffffffffffffa, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001340)={r0, 0x0, 0xd, 0x1000, &(0x7f00000002c0)="e79ce722714f35557fb4ef4dcd", &(0x7f0000000340)=""/4096}, 0x28)

12:12:11 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0x0, 0xffffffffffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(r0, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:11 executing program 2:
r0 = syz_open_dev$sg(&(0x7f00000001c0)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)={0x0, 0x0, 0x7f})

12:12:11 executing program 3:
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
fallocate(r0, 0x10, 0x0, 0xefff)
lseek(r0, 0xe000, 0x0)

12:12:11 executing program 7:
syz_mount_image$vfat(&(0x7f0000000040)='vfat\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000340)={[{@fat=@time_offset={'time_offset', 0x3d, 0x3af}}]})
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe004, 0x1, &(0x7f00000003c0)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400100401000200027000f8", 0x16}], 0x0, &(0x7f0000000340)=ANY=[])
r0 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0)

12:12:11 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:11 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:11 executing program 5:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000833000)={&(0x7f0000564000)=@abs, 0x6e, &(0x7f0000451ff0)=[{&(0x7f0000007000)="002a932f01000000cf960802e02348f800000000001c0003f2a576", 0x1b}], 0x1, &(0x7f00001f9fe0)}, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000c5ff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000007000)={0x0, 0x0, 0x537})
ioctl(r0, 0x2285, &(0x7f0000007000)='S')

12:12:11 executing program 3:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0xa29e0dcdcdf67d6b, &(0x7f0000000300), &(0x7f0000000040), &(0x7f0000000280), &(0x7f0000000180))

[  125.843559] FAT-fs (loop7): bogus number of reserved sectors
[  125.849469] FAT-fs (loop7): Can't find a valid FAT filesystem
12:12:11 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:11 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:11 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:11 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

[  125.884957] sd 0:0:1:0: [sg0] tag#1224 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[  125.893782] sd 0:0:1:0: [sg0] tag#1224 CDB: Test Unit Ready
[  125.899546] sd 0:0:1:0: [sg0] tag#1224 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  125.908420] sd 0:0:1:0: [sg0] tag#1224 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  125.917302] sd 0:0:1:0: [sg0] tag#1224 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  125.926183] sd 0:0:1:0: [sg0] tag#1224 CDB[30]: 00 00 00 00 00 00 00
[  125.963791] sd 0:0:1:0: [sg0] tag#1224 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[  125.972638] sd 0:0:1:0: [sg0] tag#1224 CDB: Test Unit Ready
[  125.976130] FAT-fs (loop7): bogus number of reserved sectors
[  125.978396] sd 0:0:1:0: [sg0] tag#1224 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  125.984214] FAT-fs (loop7): Can't find a valid FAT filesystem
[  125.993073] sd 0:0:1:0: [sg0] tag#1224 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
12:12:11 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={&(0x7f00000002c0), 0xc, &(0x7f0000001880)={&(0x7f0000000000)=@setlink={0x28, 0x13, 0x105, 0x0, 0x0, {}, [@IFLA_XDP={0x5, 0x2b, [@nested={0x4}]}]}, 0x28}}, 0x0)

12:12:11 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  126.007844] sd 0:0:1:0: [sg0] tag#1224 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.016741] sd 0:0:1:0: [sg0] tag#1224 CDB[30]: 00 00 00 00 00 00 00
12:12:12 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:12 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:12 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:12 executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000300)={{}, {0x4000000000000304, @dev}, 0x0, {0x2, 0x0, @multicast1}, "00000080000001000000007000"})

12:12:12 executing program 7:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f00000004c0)='./file0\x00', 0x14104a, 0x0)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000400)={0x2, 0xfffffffffffff215, 0x6, 0x3})
write$evdev(r0, &(0x7f0000037fe8)=[{}], 0x18)
inotify_init()
sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={&(0x7f0000000140), 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000"], 0x1}}, 0x0)
syz_open_dev$amidi(&(0x7f0000000780)='/dev/amidi#\x00', 0xffffffff, 0x200)
sendfile(r0, r0, &(0x7f0000000080), 0x2000000800004c36)
creat(&(0x7f00000000c0)='./file0\x00', 0x4)

12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 4:
capset(&(0x7f000043fff8)={0x19980330}, &(0x7f0000000000)={0xffffffff})
syslog(0x0, &(0x7f0000000040)=""/23, 0x17)

12:12:12 executing program 5:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000833000)={&(0x7f0000564000)=@abs, 0x6e, &(0x7f0000451ff0)=[{&(0x7f0000007000)="002a932f01000000cf960802e02348f800000000001c0003f2a576", 0x1b}], 0x1, &(0x7f00001f9fe0)}, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000c5ff7)='/dev/sg#\x00', 0x0, 0x0)
ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000007000)={0x0, 0x0, 0x537})
ioctl(r0, 0x2285, &(0x7f0000007000)='S')

12:12:12 executing program 3:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0)
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setregid(0x0, r0)
rmdir(&(0x7f0000000240)='./file0//ile0\x00')
mkdir(&(0x7f0000000680)='./file0//ile0\x00', 0x0)

12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:12 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0)
write$vnet(0xffffffffffffffff, &(0x7f00000002c0)={0x1, {&(0x7f0000000080)=""/212, 0xd4, &(0x7f0000000200)=""/176}}, 0x68)

12:12:12 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 4:
timer_create(0x7, &(0x7f0000000040)={0x0, 0x31, 0x3, @thr={&(0x7f00000003c0)="71e56553ece12c96720ed34cbd4e65e967f82f3f12e15c46cba5e6a201504705a73aca33b9c6fa1f9b0994e81f7d14c6d3ada2ae09c34767487731adc81c707f1c4282458be1", &(0x7f00000008c0)="17195210182685abd2111abbf2e3118c211eab0c96e49d90feb6f7a7bdcfee5a3b706d2a94e8dcc98a9db5d3cb3fe06c9da98a51978e5ee22aa5a331afa498cb0ce66e3f81c5ebd8e60af66ffba136b96a5bb66ad53cb15e871cc4651cebb9a3168495dddef02ea953b421f51b755f6b0f668145946d2c4f8fca0e55e2ba3adb3b2f426fe643e6e323e72f70e54bb92381cbdaef4e535be0dfe9f7ede97169a68490e5f084f08402ff8194965a88f289076a76abbc491db378a79adf706d3c0258c95e09779dc09219f1148daa348d35ceb8bbddce095db9bda3a704"}}, &(0x7f0000000200)=<r0=>0x0)
timer_getoverrun(r0)
r1 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x105082)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000740)='/dev/cuse\x00', 0x10000, 0x0)
getsockopt$ARPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x63, &(0x7f00000009c0)={'NETMAP\x00'}, &(0x7f0000000a00)=0x1e)
r3 = memfd_create(&(0x7f0000000140)="000400008c00000000000000000000", 0x0)
r4 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$LOOP_GET_STATUS(r2, 0x4c03, &(0x7f0000001e80))
setsockopt$inet_dccp_buf(r3, 0x21, 0x0, &(0x7f00000007c0), 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x0, 0x0)
io_setup(0x6, &(0x7f00000004c0)=<r6=>0x0)
io_cancel(r6, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x7552, r4, &(0x7f0000000500)="21427c5dc5c58f3029803ece6a6ef732dba030cc508f512935c459e8453977682eef4b54605fb8bfb6778cb03431d2704c87f65cd680c10d59c0fa8d16e100a74e540684d7f915bc029bd0a1644210c791d2586d9b6766c1ce7f1bc07a5d7d318a65a7c9c0537e8ae49b370c1ef2cb5fe11a32db764ca3f1774db24ec5a44388f0b4690387feedfd857cee3a92166e99ed6921fb09c362722215c78a179d6ca4bb3a7c88414a6a4fee83a6357f475a28dc4e3016f6cd13357b6094fab3a01a52838f5fa5a4f49b336d3126ca9d43678e6217ee120a638a9869ad3a88a6", 0xdd, 0x100, 0x0, 0x1, r3}, &(0x7f0000000640))
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f0000000700)='/dev/snd/pcmC#D#p\x00', 0x3, 0x4)
readv(r5, &(0x7f0000001d80)=[{&(0x7f0000000b00)=""/4096, 0x7ffff000}, {&(0x7f0000001d00)=""/89, 0x59}], 0x2)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r7, 0x10e, 0x1, &(0x7f0000000380)=0x12, 0x4)
getegid()
ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000440)=<r8=>0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000680)={{0x16, 0x0, 0x0, 0x0, 0x0, 0x18f}, 0x0, 0x2, 0x0, 0x3f, 0x80000000, 0x0, r8})
pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81001)
clock_gettime(0x3, &(0x7f00000000c0))
syz_open_dev$sndtimer(&(0x7f0000000480)='/dev/snd/timer\x00', 0x0, 0x200)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r3)
getsockopt$ARPT_SO_GET_ENTRIES(r7, 0x0, 0x61, &(0x7f0000001b00)=ANY=[@ANYBLOB="6669717465720000000000000000000000000000000000000000000000000000ba000000c5bc8a2eae6fecf325423b7c6d78241e393550bc6172d16171e001d6e3ebb68aa1b66637e5ec588fedff6c980500000000000000d903f0493e00bafa2fd26aee5be52d4b5deb29bc2cd655106e5d83a836a7cf3a99f587761c38d23de5bb2a48ee83b0773e23819d53cd64f59bcbad1384c0b5ba85e67f845e93738757d327da9ea651afbaee9f7e8dad436b206df990539e1b31fff71e9c2128ff5200e6e144fc17ec1e8c93dc6bc611b1551704a00c66575b86d34821b7ee92040073194f28a8a4d073baca142e67e82962c5ae51a00142396e6ffbe91eb902c990a4482c276d31eed274fc540be55942831cf1a71672df92d79bef1976fd30f07cb7ca5106024363bb341012c836ee97547d731edfc50188f554917cc3f61c540693cad28dd7acc6d456566568546215fd55"], &(0x7f0000000a40)=0x1)
sendfile(r1, r1, &(0x7f00000ddff8), 0x102000001)

[  126.291428] sd 0:0:1:0: [sg0] tag#1227 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
[  126.300291] sd 0:0:1:0: [sg0] tag#1227 CDB: Test Unit Ready
[  126.306060] sd 0:0:1:0: [sg0] tag#1227 CDB[00]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.314941] sd 0:0:1:0: [sg0] tag#1227 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.323839] sd 0:0:1:0: [sg0] tag#1227 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  126.334084] sd 0:0:1:0: [sg0] tag#1227 CDB[30]: 00 00 00 00 00 00 00
12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 0:
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:12 executing program 7:
unshare(0x8000400)
r0 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x2})
mq_notify(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, @thr={&(0x7f0000000040), &(0x7f0000000100)}})
pread64(r0, &(0x7f0000000040)=""/66, 0x42, 0x0)

12:12:12 executing program 1:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a000000290100"], 0x7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_any='access=any'}]}})
getxattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000300)=@known="73656375726974792e65766d02", &(0x7f0000000380)=""/19, 0x13)

12:12:12 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:12 executing program 3:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
shutdown(r0, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
write$binfmt_elf64(r0, &(0x7f0000000e80)=ANY=[@ANYBLOB="7f"], 0x1)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0)=[{&(0x7f0000003ac0)=""/4096, 0x1000}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)

12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 4:
r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc))
r1 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0)
io_setup(0x5, &(0x7f0000000300)=<r2=>0x0)
syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000040)}])

12:12:12 executing program 7:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(hmac(sha256-generic))\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000840), 0x0)
accept(r0, 0x0, &(0x7f0000000700))
recvmsg(r1, &(0x7f000000cf80)={&(0x7f000000bcc0)=@can, 0x80, &(0x7f000000cec0), 0x0, &(0x7f000000cf00)=""/118, 0x76}, 0x0)

12:12:12 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x0, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:12 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:12 executing program 1:
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x3cc0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x86)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000480)={<r1=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000500)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0xaf14, @mcast2, 0x8001}, r1}}, 0x30)
fchdir(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x0, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000280)={0x6, 0x118, 0xfa00, {{0x6, 0x3f, "0e1c31f8ca9b6f45bc8c8ad3b072cd73501aa4689e886433753124c99c9791871a0129bd7fffbb8d3e6801568201a25b576b1635771e1cc809180fb2d2076868a3dec51ab0339cf99f04fb7843145c2b6fdb1c477fa116dbb7b16fec572d11b2f6c88277ed8a9c86d978d5317860fadece8a20633deaded1f8b5d8496e5427e514038f80e81c1633f17334c39dcb8a6cd4d813f7c0e7a179b89e3009cd01d77044edf2394e6981563ebbe7ed2c47e784bbbd2f27b3af05438aee80f29cf4b192f76b92e97c6dcb8238b7fc8bd514d7dcb8f0cd2f01b13c98b73201504321f07b2a2d4d7f78ae5a740fdeb27a00e876dd6d2c2f86146772a7f8af4d6b87215e97", 0xbb, 0x10001, 0x8, 0x1ff, 0x5, 0x400, 0x9}, r2}}, 0x120)
r3 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000400), 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x0, 0xa}}, 0x20)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f00000003c0))
sendfile(r3, r3, &(0x7f00000000c0), 0x8080fffffffe)

12:12:12 executing program 6:
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}})
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 3:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x8)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000b82000)={0x10000004})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0)
epoll_wait(r2, &(0x7f0000000040)=[{}], 0x2a7, 0x0)
recvmmsg(r0, &(0x7f000030efc4)=[{{&(0x7f0000413ffa)=@hci, 0x6, &(0x7f0000b60000), 0x0, &(0x7f00004f9000)}}], 0x1, 0x0, 0x0)

12:12:12 executing program 4:
pipe2$9p(&(0x7f0000000d40)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access'}}]}})
vmsplice(r0, &(0x7f0000000440)=[{&(0x7f0000000640)="ad2bb8c0df1f14bae6473b0ff3e8043d3ba2b766d05643f6e2e0b58a7941ac46e012d83c49a70362a4610b88c78ea0fff150245f1656d63a72f8ed4eca9ef7261fa79caa2a", 0x45}], 0x1, 0x0)
setxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000380)=@known='system.posix_acl_default\x00', &(0x7f0000000400)=':\x00', 0x1ad, 0x0)

12:12:12 executing program 7:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r1, &(0x7f00007a8fff), 0x0, 0xfffffefffffffffe, &(0x7f000006ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = memfd_create(&(0x7f0000000ffe)='$\x00', 0x0)
write(r2, &(0x7f0000002000)='/', 0x1)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ffe000/0x1000)=nil, 0x1000})
sendfile(r2, r2, &(0x7f0000000040), 0x8001)

[  126.666498] 9pnet: Insufficient options for proto=fd
[  126.692641] 9pnet: Insufficient options for proto=fd
12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 4:
r0 = syz_open_dev$sndtimer(&(0x7f0000000180)='/dev/snd/timer\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0x40485404, &(0x7f0000000040)={0x1})

12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

[  126.834257] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000618)
[  126.841529] FAT-fs (loop1): Filesystem has been set read-only
[  126.869139] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000618)
12:12:12 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:12 executing program 4:
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000003c0)="80000000000200099f027100e60100006c000000000000000100000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000500))

12:12:12 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

[  126.894378] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 16)
[  126.916997] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000020)
[  126.937644] 9pnet: Insufficient options for proto=fd
12:12:12 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000dc1000)="71e67a15cdf0311cfc093a52a7d86bd1", 0x10)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
io_setup(0x7ff, &(0x7f0000000f40)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000001440)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000340), 0x87}])

[  126.981404] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  127.044519] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
12:12:13 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:13 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  127.285301] 9pnet: Insufficient options for proto=fd
12:12:13 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005)
read$eventfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)

12:12:13 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x800)

12:12:13 executing program 4:
add_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f00000000c0), &(0x7f0000000040)="f1adeb1af82ebaacf3297c7422f1bd4355db6251ba98a1e2907b45d18f94a487d352e5fc3064bfe27e0dfe1aec6106fa2a0038bdf11a27dec359de1cd7168756278c52dea94eee1cfbb42887d37ef802ac13636a678791c1882b9b3f8f350b8b2300", 0x62, 0xfffffffffffffffb)
r0 = socket$kcm(0x29, 0x7, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'syzkaller1\x00', {0x2, 0x0, @loopback}})
r1 = perf_event_open(&(0x7f0000000180)={0x0, 0x3e4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x0, 0x82)
r3 = memfd_create(&(0x7f0000000140)="000000000000000000000000000000768e05f7c155ad7dc6947c573e5a69244e76382c0aa63d575ea3597f8b1728277ef76b30544d7ba92dcf978f1f81dc1b7f8f7b3451dada02ecb4f1ddcc8b5241da8945666e0073c25a6287c64dbea37a", 0x0)
unshare(0x10040000)
pwritev(r3, &(0x7f0000000900)=[{&(0x7f00000009c0)="1f", 0x1}], 0x1, 0x81a06)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, r3)
sendfile(r2, r2, &(0x7f0000000000), 0x20000102000007)
getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, &(0x7f0000000200), &(0x7f0000000280)=0x60)

12:12:13 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ptmx\x00', 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000080)={@remote={0xfe, 0x80, [0x6, 0x8]}, 0x48, r1})
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @mcast2, 0x4}, 0x1c)
sendmmsg(r0, &(0x7f0000007e00), 0x136a88c8311572c, 0x0)

12:12:13 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket(0x1f, 0x2000000000000005, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x3, &(0x7f0000000040)={&(0x7f0000ffa000/0x3000)=nil, 0x3000}, &(0x7f0000000080)=0x10)

12:12:13 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:13 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:13 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:13 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0x2}, 0x10}}, 0x800)

[  127.492565] Invalid option length (0) for dns_resolver key
12:12:13 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

[  127.555088] Invalid option length (0) for dns_resolver key
12:12:13 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:13 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[], 0x0)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:13 executing program 1:
r0 = socket$inet(0xa, 0x6, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x10d, 0x6, &(0x7f0000000080)={0x0, 'ip6gretap0\x00'}, 0x20000083)

12:12:13 executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000aba000)={&(0x7f0000791000), 0xc, &(0x7f0000e2a000)={&(0x7f0000831000)={0x14, 0x7, 0xa, 0xfffffffffffffffd}, 0x14}}, 0x0)

12:12:13 executing program 0:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:13 executing program 2:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:13 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:13 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x10, &(0x7f0000000080), 0x0)

12:12:13 executing program 4:
unshare(0x64000400)
openat$md(0xffffffffffffff9c, &(0x7f0000000240)='/dev/md0\x00', 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x800040002)
ioctl$LOOP_CHANGE_FD(r0, 0x4c08, 0xffffffffffffffff)

[  127.856383] IPVS: ftp: loaded support on port[0] = 21
12:12:14 executing program 3:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0)
ioctl$int_in(r0, 0x8000008004500b, &(0x7f0000000080))

12:12:14 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:14 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000039ff8)={<r0=>0xffffffffffffffff})
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000801ff8)=@file={0x1, './file0\x00'}, 0xa)
connect$unix(r0, &(0x7f00000005c0)=@file={0x1, './file0\x00'}, 0x6e)

12:12:14 executing program 1:
mkdir(&(0x7f000000dff6)='./control\x00', 0x0)
r0 = open(&(0x7f0000039000)='./control\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f000002cff6)='./control\x00', 0x0)
mkdirat(r0, &(0x7f00000000c0)='./file0\x00', 0x0)
r1 = openat(r0, &(0x7f0000025000)='./file0\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000040)='./control\x00', 0x0)
renameat2(r1, &(0x7f0000000000)='./control\x00', r0, &(0x7f0000000100)='./control\x00', 0x5)

12:12:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:14 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x102d}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000000100)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x15, 0x0, 0x2}, [@ldst={0x7}]}, &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x3e9, &(0x7f000000cf3d)=""/195}, 0x48)

12:12:14 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:14 executing program 7:
read(0xffffffffffffffff, &(0x7f0000000000)=""/177, 0xb1)

12:12:14 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a0000002901000000000000000000000000000000"], 0x15)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:14 executing program 1:
creat(&(0x7f0000000440)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

12:12:14 executing program 4:
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x0)
accept(r0, &(0x7f0000000000)=@pptp={0x0, 0x0, {0x0, @dev}}, &(0x7f0000000080)=0x80)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
sendto$inet6(r1, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local, @local, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xa}}}}}}}, &(0x7f00000002c0))

12:12:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mq_open(&(0x7f0000000240)='/dev/md0\x00', 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0xffffffff})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000080))
dup3(r0, r1, 0x0)

[  128.280895] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  128.298695] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies.  Check SNMP counters.
12:12:14 executing program 2:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:14 executing program 3:
r0 = semget$private(0x0, 0x8, 0x0)
semop(r0, &(0x7f0000000000)=[{0x0, 0x8001}], 0x1)
semtimedop(r0, &(0x7f0000000100)=[{0x7, 0x3}], 0x1, &(0x7f0000000180))
semop(r0, &(0x7f0000000080)=[{0x0, 0xc0, 0x1800}, {0x7}], 0x2)
semop(r0, &(0x7f0000000240)=[{0x0, 0x7fff, 0x1000}], 0x1)

12:12:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:14 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66"], 0x20)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:14 executing program 1:
mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000527ff8), 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
r2 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x40002017})
timerfd_settime(r2, 0x0, &(0x7f0000005000)={{}, {0x0, 0x989680}}, &(0x7f0000000fe0))
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
socket$bt_bnep(0x1f, 0x3, 0x4)
epoll_pwait(r1, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffffffffffff7, &(0x7f00009d2000), 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000021ff4)={0x2001})

12:12:14 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000040)='team_slave_0\x00')

12:12:14 executing program 2:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x6e0}]})

12:12:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:14 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c653000"], 0x25)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:14 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:14 executing program 1:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000080)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x13, r0, 0x0)

12:12:14 executing program 3:
r0 = semget$private(0x0, 0x8, 0x0)
semop(r0, &(0x7f0000000000)=[{0x0, 0x8001}], 0x1)
semtimedop(r0, &(0x7f0000000100)=[{0x7, 0x3}], 0x1, &(0x7f0000000180))
semop(r0, &(0x7f0000000080)=[{0x0, 0xc0, 0x1800}, {0x7}], 0x2)
semop(r0, &(0x7f0000000240)=[{0x0, 0x7fff, 0x1000}], 0x1)

12:12:14 executing program 2:
perf_event_open(&(0x7f0000000200)={0x0, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:14 executing program 4:
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r0, 0x6)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
sendmmsg(r1, &(0x7f0000004480)=[{{&(0x7f00000014c0)=@xdp, 0x80, &(0x7f00000018c0), 0x0, &(0x7f0000001940)}}, {{&(0x7f0000002e80)=@rc, 0x80, &(0x7f0000002f40), 0x0, &(0x7f0000002f80)}}], 0x2, 0x0)
dup3(r0, r1, 0x0)

12:12:14 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c653000000000"], 0x28)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:14 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:14 executing program 0:
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
close(r0)
syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x0, &(0x7f00000005c0), 0x0, &(0x7f0000000640)={[{@shortname_lower='shortname=lower'}, {@nonumtail='nnonumtail=1'}]})
syz_open_procfs(0x0, &(0x7f0000000280)='mounts\x00')
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000c85000))
mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='jffs2\x00', 0x201000, &(0x7f00000002c0))
pivot_root(&(0x7f0000001380)='./file0\x00', &(0x7f00000016c0)='./file0\x00')

12:12:14 executing program 1:
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)=0xfffffffffffffff8, 0x4)

12:12:14 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:14 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:15 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00002e8fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001000)="a2", 0x1)
io_setup(0x800, &(0x7f00002eeff8)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00001f5ff8)=[&(0x7f000011e000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f00002e9ff7)="b2", 0x1}])

12:12:15 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:15 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c65300000000000"], 0x29)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:15 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

[  129.062991] FAT-fs (loop0): Unrecognized mount option "nnonumtail=1" or missing value
12:12:15 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:15 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffff7ffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:15 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(0xffffffffffffffff, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:15 executing program 3:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0xa04, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/1, 0x1}], 0x2000000000000214)

12:12:15 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$fiemap(r0, 0xc0189436, &(0x7f0000000000)={0x0, 0x0, 0x7, 0x0, 0x27f})

12:12:15 executing program 7:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:15 executing program 0:
syz_mount_image$msdos(&(0x7f00000000c0)='msdos\x00', &(0x7f0000000000)='./file0\x00', 0x40000000000e8fd, 0x1, &(0x7f0000000040)=[{&(0x7f0000000200)="eb2c906d6b66732e666174000404010a02000274f1f8", 0x16}], 0x0, &(0x7f0000000540))

12:12:15 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:15 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:15 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:15 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:15 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:15 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:15 executing program 1:
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000180)=[{{&(0x7f0000000540)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, 0x80, &(0x7f00000009c0), 0x0, &(0x7f0000000080)=""/88, 0x58}}, {{&(0x7f0000000ac0)=@pppoe={0x0, 0x0, {0x0, @local}}, 0x80, &(0x7f0000001fc0)=[{&(0x7f0000000b40)=""/254, 0xfe}, {&(0x7f0000000cc0)=""/230, 0xe6}, {&(0x7f0000003840)=""/4096, 0x1000}, {&(0x7f0000000e00)=""/101, 0x65}, {&(0x7f0000000e80)=""/111, 0x6f}], 0x5, &(0x7f0000000f00)=""/19, 0x13}}], 0x2, 0x0, &(0x7f0000002cc0)={0x77359400})

12:12:15 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:15 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:15 executing program 7:
perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(0xffffffffffffffff, &(0x7f0000000000)=""/177, 0xb1)

12:12:15 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:15 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

[  129.730555] 9pnet: Insufficient options for proto=fd
12:12:15 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:15 executing program 7:
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r0, 0x10c, 0x8, &(0x7f0000000440)=0xfffffffffffffffd, 0x4)

12:12:15 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno'}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  129.874525] 9pnet: Insufficient options for proto=fd
[  130.379483] device bridge_slave_1 left promiscuous mode
[  130.384972] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.401733] device bridge_slave_0 left promiscuous mode
[  130.407189] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.064222] team0 (unregistering): Port device team_slave_1 removed
[  131.072658] team0 (unregistering): Port device team_slave_0 removed
[  131.080818] bond0 (unregistering): Releasing backup interface bond_slave_1
[  131.091196] bond0 (unregistering): Releasing backup interface bond_slave_0
[  131.109142] bond0 (unregistering): Released all slaves
[  131.280787] IPVS: ftp: loaded support on port[0] = 21
[  131.631935] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.638353] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.646001] device bridge_slave_0 entered promiscuous mode
[  131.667929] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.674350] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.681316] device bridge_slave_1 entered promiscuous mode
[  131.702581] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
[  131.724869] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
[  131.778256] bond0: Enslaving bond_slave_0 as an active interface with an up link
[  131.800630] bond0: Enslaving bond_slave_1 as an active interface with an up link
[  131.882453] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
[  131.889574] team0: Port device team_slave_0 added
[  131.909790] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
[  131.916934] team0: Port device team_slave_1 added
[  131.938720] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  131.960958] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  131.979747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  131.999519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  132.158395] bridge0: port 2(bridge_slave_1) entered blocking state
[  132.164750] bridge0: port 2(bridge_slave_1) entered forwarding state
[  132.171372] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.177796] bridge0: port 1(bridge_slave_0) entered forwarding state
[  132.184838] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  132.765676] 8021q: adding VLAN 0 to HW filter on device bond0
[  132.823715] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
[  132.881480] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
[  132.887613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  132.894850] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  132.948897] 8021q: adding VLAN 0 to HW filter on device team0
[  133.138488] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
12:12:19 executing program 0:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000))
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000300)={'filter\x00', 0x4}, 0x68)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000500)={0x0, 0x8000000000001, &(0x7f0000000400)=""/193, &(0x7f0000000280)=""/97, &(0x7f00000001c0)=""/127})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000000c0)=ANY=[])
syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0xffffffffffff0bbb, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, &(0x7f0000000380)=""/115, &(0x7f0000000580)=""/156, &(0x7f0000000940)=""/185})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000006c0)=0x1)

12:12:19 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:19 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005)
read$eventfd(r0, &(0x7f0000000000), 0x8)

12:12:19 executing program 4:
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:19 executing program 7:
perf_event_open(&(0x7f0000000080)={0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94b0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0xfffffffffffffffe, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/loop-control\x00', 0x503000, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = memfd_create(&(0x7f0000000300)='\x00 ', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000053ff3)='/dev/snd/seq\x00', 0x0, 0x0)
r3 = dup2(r1, r2)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000240)={0x0, 0x0, 0x0, "9ede7a8c5ae95ec8672c93340f643a664f13eeab65c0322901dc6bd36cde2c51f01b7f0b014f9f91eeb7c37c7240f476c8d753d000aa8faf8fb574dbcfa6dc4d", 0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000001680)={&(0x7f0000000440)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001600)=[{&(0x7f0000000600)="7d71b40ace25e6ad5659e3a3f2c34d86ecc0ac0d31c0c0adb2873db67f5ab3020f0892eec6161ce83aae8a8db9cb349ecb23f174fafbf4d245fac2a546b48cd12d3f63929a3471c6e2266bbd5a4f41f41da6bfe9fe74a3050495a43e326b3c0a508eed4bcc41a235736319d2d683bdf02558c138756ea679728c1fb49be3d85cf50a99a345ef8dd37d473fedcc84ed03f62fc95506cfc6a999204230cc06fa1a773ff6e4ea5aaf714dd0f53d0883834d1882b2a3ce17eb9ac5ff6c6f0817208b10c809f120132f8d8ac710340cb0cb0bbc7130d8c41d3bda8d59f3176879d7112d235a287a4fffad516b4eca880027a76585072c29864fc66dd0c2998cd5cd89b7f38b5b7e16c3bbc23331acfa72606418ae1ddd73cbd37f2bcc7454740dfe7410998fd9901d8e895fa5701329f662695b0c5774ddef9f5166a8366617b06633b6cf52f8974adbac29db22f0ac1ea29af22dc59197995f243d1a9bcf92a9a3048182a70071632739caca93dc92c491871610d7d9be12d0a1586e40deb8cc07453c49f2ebe30532871a316b7b73641bcf7b3735c441f0d825c6e4b196e21d8a44c010d821dc0566e579188d536de0bfdbb12234818172d5a31d425c95cc165f4b8fa056d2035930a3f0de0688062e59a2ae9c1400ff0586c54040768ae26d6324ac08a2971ea05087c28e1112cffb0cecb5d2351353ea6383dcf5a8eebd3734470b044b535db405c376608191a664936c4123b69555f96a1f3f8b1fe5c501af519adf007a2f4662407e7929716d0ac5ec5a91a4a7ad4ec27a48eecd02a403b8754c3212a3a5df09d1ee863c4807cbce5890c86f68d96549f88e88da9cd86fac200ba63893b77e47b67e20bd8d93e03090c42d8fd9c13210d9c10781133646c7a08fa9fe9ef0dafb0b4fe2fbf9a9ec6bd2682ebdece6d7d87781ddd7b130ff36480fdecad0f8b3b7bb4b32a10be62412a8eb7ffad696800b6b7a1d56bfbeaaea106a9f6d00c223a74807371532188a0684a350d9cc40aad2a2301093a16cde8a4ead473f59f08cd8030c7f2e430fcf705953755ea866e44aeaa804bfde19c915832babb61f6e025bb054d132b17240854ccabea81a6b494ecbc3e2d089a8c7f0a4354a14d6a88487f4e750c02c95900c6bc3cab8c5986a20ef9a719192ea451cf210b4b91ff6acfc13e697b85502cbaa1dfa545e3b29f5a676a1b020c91ed555854b1c23ed7f9c200b2cc035d50e38d3c4ce2883ac5f8afe7283f275319b92544029530620f650bc707f311aaa0a98b023ace71ddc8d8f2b61b3864913aa0f2022a2ba265537c2830153a4cd83d0d39a2875d570616958d8f4d5e70234b58a28932a92806c3abdbad5350ef9e9844f31012042782c1393c5ffb74715ceff20cf43ce963cbcd17332edd49b8c060687ae0586e20b804ac9b29fe7bd1611609a14316a2c963aaecdcac30235572dbed8a5c6a55f2d379143a679f3b066ffc7d18c14ed2191ac739cec3eaac96bd6b8016a9e40494b13dc2e4ac7355ddaa299f9b4b9746561d665e9f1e27eac83608df631d1c545c80c09592fd8098e85768d3713b62245a8bbef2fb91cd72342c72db24196a802b179e6eabb5f974ba5fad7bd8a6da4cfa3b2f2c2cb7cebac64e33c617faed2cefab36eb9ca045e4c33beaec20dfd55be8ac2bb97601ae8f0cf51df7868b0ea1223ffba80ba12892e40a5f37cf3a5cfae6927dfb10e561593749515e51aecc1b96c429f4a977bddb72230304befc1aa1fe068070e9e15e2b341beba6af337718b832294a9eab4caab4cbc063dcfbde450b304340184fed189c8fd357242ffb165032dbab93845e158f516d8a9e80f651360ef5b388caeb008e27f89ce553064c6edd257463f1d4e3d6bd7b4425017e67fa23ca0b431564764a1ea710a52082fd20ec8bbafd399e73e8b9c2aa27a5c7d7b65360f650a84aa3b3ff7b61284de75ca6014043dfa7cffa7adea8f1d5676e0bcd95afe6edea2af57773b8be4294d385c943b1d12b265ed7c3e4e2858548f628cedf1606accb19b17a1368a58df0751b3fab4b7610d02cb09b9ed2634fdb3cd0effa39cda8ce6d3bf044fdec641c2ce535ac8b1dd2391498bc4102769254440c7da63925bba16acf7612cc9e06e9ca9c7fb6df73370519b2cc6eccddb8c95f298e1bae417ab3e58972f1c8fa065459354b21d5c0cf65ae5d4be7d875d066c9231d13dea758f6d54db427a6609aa0851dd3f7382203843f6c5d7e1a0581224c6a082bf45893313b8da44725f6348d7faf200ed06525419145d750184863cbd34c60dbd958573d5cf3f6b4975d0681fbcaab3f67ab6defd34113a07c9432672ff0677d4b0f17ca4466a7d65ecf9bc96bf2cd0b589483513008af91134409d9eb39933f9240ff5301271ddcb45592a19d42a99f64b9043d53f218e2e6e9d0e014dfa6feae3717ee5250dd0e79f67caa6b67e87e68d583a233279badb0d6934e69171054c8b7c5a0e3ead6e0171a718f8123b7b481c5d5f1962e0b610eed6ddc45b338ab705584d58426b7da564368c76a715989b3b9f2a356c993d2299834634f3fc7b91ce6a630ced5a69d362a24ac726fe74708782f06c24760b72c656cb54283146478120351bf63783924b939084b04ac316682f3dfebf05974baf2e212d28adf635ef8a5126a3dc5baa74c785ed2237f3c877cdcb552ec55643f25edfce321d9a0e2f06658e061691c4d51e738b38ecd8ce1bef0ecbe2b24232a83c10a3166268716abb9f7c77a1746b1c8748cd70c262eea9f8a9dd6e9d0e086ebfb6a7953961a95c5514ed117f194541f37b83ccae0e7428deed7d8dd3f75f05f6deab628fd985546bfbe97aa9b445bf36b76c4226ad235f3de2478b7cfc965ac6367a84002cdcb3e80efb3104174068cede2f7855e84218135a1961fb59a3d962e95985a7b93576c786fdf470e91ce9da4515874ec42d6ff1fcac97b26a913d88e78a8f006107cb42999d6486a3d55335f2741c239f3d7af172d047bd23516dd729821c9104a82e146d9695ee2227eb1474b481daca5341e6e536fa615ae3087b34171ff474de3d063b1f31713fbc4d9d6731ac72901c2e68495b54ddf8311de843392cbaac1d584f03c7a52624a195f1130b9517506ec4bed4b3daeca3f9f158457d937e7ff7741dce781cdae784d8d6df73524830db5f3a5348fe4c86e28867657b8a4383be66a48334e80b38e359c18c9ed8334462ce8a7ffb7474bbe9855dd56a067520d232556ef5b9694842f085df0ba51ef7786cf6be4e1dbf3385dd77d02c2ae73fcbb397f87f2632e2f90ba4089fd70c8e468db0eab876ae4bf6851dc0d7868d9a50aac9003a5a06b3dc385581fac60b497d652b5cfc7e1a9792ac31f94da8a7daa496c84ab43cc5628887f94ed098b52d40475849da30d311bbaa324967b0fd6c98bda4f2d2906335bd8553425b159365fc612e7260963ce3051218f28f63f2b9123d63834093d86f44c4ad6cf383efd1154d954dc2cc3d71d3d0b71e3bb88c4c3ff915e47790369718c0764568b48746f6c53f72fc3e721edae2b8a51290ec5660e2c5c9595f8f115c01fbf39d6762129eae756f65e62b3de1206964a30040a4ae1d6d07f69de9dfd771ce2a452c6864cacadc32dd92c872b602a62c744507c753ce80e3d0cd3604747959fb9ddb385c68aaa11585531e91e8efe9506b2fb192e3b2889a65622bf40b2d3c8a03fe34b1fa8e8c118cb7579c0ea26fd006faf2e7fc6673268e01955aff608a6071a390e9f3b7f0e1acb095683cea7152d37852eaa307ce563e4a19f0fa96f047d1b6752adb8aba518a85fbf572466dddd25b779a313ffacbd7e73912373a058d0fb302303404b034cbfdb729dd1ced30898488980029bb2ce3b1ef645de8446ba01683df8d26df4bded9eb19a093f58e645c296583fc015fa36e7d2f6b7749e95284210985c82b201d3757c02e4444351f5813806aedb13c158c0acdd3d23474faba51af696cf221e1e341e2d12fb64bbdc4ab60d8e799554fb7794c4b8de11a7fbc75e2278d21c9e21d54198ddcded485e15ef7c20c2dd5fd908c02eba97c87289f7313606d31840fd91e15796802a791791e07e450fc81cbf600998d93827b7624f16b53f325c2444e341b387731b78a59e35c9d8bb07008de928e73e1f3112ae007987754f287cdec9610751857c8ce5f51c5d4a58af5ab9038d82ec7c767a4dda5f4ff5c9bf649f17eccbe68345335b68ea7c7fc4f647090603fb1d76abec93eb1c8e05872955db6c3aa0f9031ac1c9d821b9d3218b1dc420ea89ef3d650a4f8c126c6b26f61f5e05183428469d94d443e3347e94c6cb3f5a79c85dcb037b90f2928cd003a740852fedd9d8af1702d860790a97e5169b1177b5aa348751e00440aa126185a9593c2d6532f0433f4aa6c13d6c4ec577a28722eb01b88d07b3ce8f3fca6377b92bb29ce6d22540e1f8869442230cd742722f8b9f586479248d3fadee8d2c082d9149368b79c34c0f6c07deb4439d4d7f6907b52a9949272ce93c3b54b063ea036c326707b7d5d315e40db72ea4a00ef58e9f8e0a13eb2a35bc603104b5361b616ac022d477b9e98cd6196c4a25b73832af7df4b7d2c48c8a5f7c5a0815fb7defb1406f99d2a23293e371b2855d0aeafb0e077a6be4100d8036291c75ea65783a336d73880ef0bd1a8ac1b92f365c07d46482ff289bd4711798c50757238f71e186a6a1f84b8720c3abc41a82a52882d1d25f8b75bc5e2f69186b06595b788ca30429c301bee98d6da7b29aa8e9e2777fe0410f142ca79ee8579cb75999ff00c75b280335df55fbdf0d450685dea5773911fc6f6a24056c909dad918ad8f22ee560b63db8a253c92500c7f5ab6cf6b15d2918de0b4447e4e3fb3366012d25a9db914e494e0867266f8aff1ba775833139ec74f285b24f9e459fdb4efd3577b85fe31070d5a09405a34d4e40af49b50e2810cad9cbadafd190ef2520218958036c7782cfb84f55e0053ffda213d0c1027e6daa7946d7e1d34541f3eb4a0aac2357c9d76881cd698c8a662b3579c03304c2e346faf6648b67375865110924f01b7c737c6fbb1f1f29b462f1af83c6f875c8fa9caaad15b2331d6786d0a8882c51d8ad4e8a2c7ecf78e122e08cc02c7cf3aa6725045cf0fc4e97bd23d5070400e886ddf559434c634523bcab7ffbd82ec5dc06b591cb839a69776fffe79365e25cb7ce31da4942d31c6f78fe26ac22be08ca06e86bd7fd29b5b9395172181cf2a01a89568e10fb87872f9abc70c25ff2ad5c62b4295af6856eea3e0a3ee60afd3c6cfc795bd4ab033196cc341d620a1cca3a7f7eafd94a19c892e2eb2ccdcb51e2af715756438ef9af4d98bdd973bec6c77c642cbd58f16672c9317b426277cad46eb0c4b2212caaf7c75309128fea19a1a1f757e18c6cf79f38ea973ffabfdba47f93161b62b04e084d40c4af36b06d32bafa7834428faba97920ccf9c57f44d837095a267d4f5856268f1a1c3da363276fe027ba6e4c7c4faf1a4f667725a4a73707eabd134dbe06d95976530b531be54d19cd2df527cd8addf8b402a38b4a004c72b8bddd52b46e053b8a728cbbe8b43f1749b796a7623c34da7f577214af610cf3c9fa2ab18a975d6bd3fa6c0a8462805b987aaac88a6fdebc52160ac160b9f87475ea08a0f2646c2f34901d8b82265e595be38fda17a3df446dcee65439023af0bd27523d134ed96ad89699c48caf1bc84f529a9b63ddaa80fecf06a968a268baad7ab5c027c5fdc85", 0x1000}, {&(0x7f0000000540)="0e6389ec3c9aa4dca2083a86fa0d976d2e0da9681c335d182910e5f229da81a7a6416e", 0x23}], 0x2, &(0x7f00000016c0)=ANY=[@ANYRES32=r3], 0x4}, 0x40000)
semtimedop(0x0, &(0x7f0000000040), 0x0, &(0x7f0000000100))
setsockopt$sock_void(r0, 0x1, 0x1b, 0x0, 0x0)
getpgid(0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/loop-control\x00', 0x80406, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)

12:12:19 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

12:12:19 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000040)={0x7b})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @msi}]})

12:12:19 executing program 5:
mlockall(0x1)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:19 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:19 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

12:12:19 executing program 4:
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:19 executing program 7:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000683ff4)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000200)={@multicast2, @loopback, 0x0, 0x4, [@broadcast, @multicast1, @empty, @broadcast]}, 0x20)
close(r0)

12:12:19 executing program 1:
r0 = socket(0x1f, 0x80003, 0x1)
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, {0x3ff, 0x7fffffff, 0x4}}, 0x8)
setsockopt$inet_mreqsrc(r0, 0x0, 0x0, &(0x7f0000000180)={@multicast1, @loopback, @multicast1}, 0xc)

12:12:19 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000431000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r0 = syz_open_dev$mice(&(0x7f00000001c0)='/dev/input/mice\x00', 0x0, 0x11)
r1 = syz_open_procfs(0x0, &(0x7f0000000980)='net/snmp6\x00')
sendfile(r0, r1, &(0x7f00000000c0), 0x100000000004c0)

12:12:19 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x0)

12:12:19 executing program 4:
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:19 executing program 7:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000000)={r2, 0x0, 0x2, r2})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000040)={r2, 0x0, 0x2, r2})

12:12:19 executing program 6:
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

12:12:19 executing program 3:
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 2:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000240)='/dev/rtc0\x00', 0x0, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
read$eventfd(0xffffffffffffffff, &(0x7f0000000000), 0x8)

12:12:20 executing program 1:
syz_mount_image$ext4(&(0x7f0000000280)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000000)=[{&(0x7f00000000c0)="0001000000ff000000000000c9030000ec000000010008000500000000000000002000000020000000010000000000006e5fbe5c0000ffff53ef", 0x3a, 0x400}], 0x4001, &(0x7f00000001c0))

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x0, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:20 executing program 3:
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4), 0x84)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:20 executing program 7:
socket$unix(0x1, 0x0, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(0xffffffffffffffff, 0x8935, &(0x7f0000000340)={'ipddp0\x00'})
symlink(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000240)='./file1\x00')
chmod(&(0x7f00000003c0)='./file1\x00', 0x0)

12:12:20 executing program 5:
mlockall(0x1)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:20 executing program 3:
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 7:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
epoll_wait(0xffffffffffffffff, &(0x7f00000002c0)=[{}], 0x1, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000040)={0x7fffffff, 0x5})
r2 = syz_open_pts(r0, 0x4000000000000002)
writev(r2, &(0x7f0000003580)=[{&(0x7f0000001440)='=', 0x1}], 0x1)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x0, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

[  134.174523] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  134.182095] EXT4-fs (loop1): bad block size 32768
12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4), 0x84)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x0, 0xf4, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4), 0x84)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

[  134.291164] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  134.298874] EXT4-fs (loop1): bad block size 32768
12:12:20 executing program 7:
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000d81ff8)=0x101)
r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f0000000200)=""/28, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000400)={0xbf})
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc0605345, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc0105303, &(0x7f00000002c0))
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000480), &(0x7f0000000500)}}, &(0x7f0000000040))
r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x101800)
mq_timedsend(r3, &(0x7f0000000340)="0c6bd3dd7a63df0cbe0834089e31e2884063a84a826b0b12d5a273650a1a9727ec5d594941da2bedc344514a024785b2627b6f025e129bab2c7ba68a57f27c0d5003e1a41ceebc66f9a8265b0769a073fb8917bb0ebbfc36e5d5a40f5f7a93b805b922618e91ee1a76d60f9555e180c0313b208fa8674dfc88798f5286ff311600020c26e34a52ef663dea10ea2f7d56", 0x90, 0x4, &(0x7f0000000080)={0x0, 0x1c9c380})
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000000240))
tkill(r2, 0x1000000000013)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 1:

12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4), 0x84)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000011fd4), 0x84)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:20 executing program 1:

12:12:20 executing program 5:
mlockall(0x1)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:20 executing program 1:

12:12:20 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:20 executing program 1 (fault-call:1 fault-nth:0):
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:20 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:20 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

[  134.625214] FAULT_INJECTION: forcing a failure.
[  134.625214] name failslab, interval 1, probability 0, space 0, times 1
[  134.636576] CPU: 0 PID: 8228 Comm: syz-executor1 Not tainted 4.18.0-rc7-next-20180801+ #29
[  134.644996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  134.654373] Call Trace:
[  134.656989]  dump_stack+0x1c9/0x2b4
[  134.660638]  ? dump_stack_print_info.cold.2+0x52/0x52
[  134.665916]  ? lock_release+0xa30/0xa30
[  134.669898]  should_fail.cold.4+0xa/0x11
[  134.673967]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  134.679079]  ? mntput_no_expire+0x18e/0xbc0
[  134.683403]  ? do_raw_spin_lock+0xc1/0x200
[  134.687632]  ? mnt_get_count+0x150/0x150
[  134.691719]  ? lock_acquire+0x1e4/0x540
[  134.695714]  ? perf_event_ctx_lock_nested+0x33a/0x600
[  134.700899]  ? lock_downgrade+0x8f0/0x8f0
[  134.705054]  ? lock_acquire+0x1e4/0x540
[  134.709023]  ? fs_reclaim_acquire+0x20/0x20
[  134.713344]  ? lock_downgrade+0x8f0/0x8f0
[  134.717498]  ? check_same_owner+0x340/0x340
[  134.721811]  ? perf_event_ctx_lock_nested+0x4df/0x600
[  134.726993]  ? rcu_note_context_switch+0x730/0x730
[  134.731922]  __should_failslab+0x124/0x180
[  134.736609]  should_failslab+0x9/0x14
[  134.740399]  __kmalloc+0x2c8/0x760
[  134.743955]  ? lock_acquire+0x1e4/0x540
[  134.747926]  ? kzalloc.constprop.123+0x1a/0x20
[  134.752855]  kzalloc.constprop.123+0x1a/0x20
[  134.757269]  perf_read+0x2a8/0xa60
[  134.763327]  ? perf_event_read_value+0x60/0x60
[  134.767913]  ? lock_downgrade+0x8f0/0x8f0
[  134.772060]  ? proc_fail_nth_write+0x9e/0x210
[  134.776547]  ? proc_cwd_link+0x1d0/0x1d0
[  134.780611]  ? kasan_check_read+0x11/0x20
[  134.784761]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  134.790293]  __vfs_read+0x117/0x9b0
[  134.793913]  ? __fget_light+0x2f7/0x440
[  134.797875]  ? perf_event_read_value+0x60/0x60
[  134.802451]  ? vfs_copy_file_range+0xba0/0xba0
[  134.807026]  ? vfs_write+0x2f3/0x560
[  134.810736]  ? fsnotify+0x14e0/0x14e0
[  134.814536]  ? lock_release+0xa30/0xa30
[  134.818514]  ? fsnotify_first_mark+0x350/0x350
[  134.823170]  ? __fsnotify_parent+0xcc/0x420
[  134.827487]  ? security_file_permission+0x1c2/0x230
[  134.832496]  ? rw_verify_area+0x118/0x360
[  134.836645]  vfs_read+0x17f/0x3c0
[  134.840108]  ksys_read+0x101/0x260
[  134.843654]  ? kernel_write+0x120/0x120
[  134.847631]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  134.853258]  __x64_sys_read+0x73/0xb0
[  134.857050]  do_syscall_64+0x1b9/0x820
[  134.860942]  ? syscall_return_slowpath+0x5e0/0x5e0
[  134.865863]  ? syscall_return_slowpath+0x31d/0x5e0
[  134.870790]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  134.875806]  ? __switch_to_asm+0x34/0x70
[  134.879886]  ? __switch_to_asm+0x34/0x70
[  134.883945]  ? __switch_to_asm+0x40/0x70
[  134.887996]  ? __switch_to_asm+0x34/0x70
[  134.892055]  ? __switch_to_asm+0x34/0x70
[  134.896122]  ? __switch_to_asm+0x40/0x70
[  134.900176]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  134.905136]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  134.910313] RIP: 0033:0x456a09
[  134.913511] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  134.932412] RSP: 002b:00007f8c9e56dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  134.940131] RAX: ffffffffffffffda RBX: 00007f8c9e56e6d4 RCX: 0000000000456a09
[  134.947393] RDX: 00000000000000b1 RSI: 0000000020000000 RDI: 0000000000000013
[  134.954654] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  134.961916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  134.969179] R13: 00000000004d2668 R14: 00000000004c6c63 R15: 0000000000000000
12:12:21 executing program 7 (fault-call:2 fault-nth:0):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:21 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:21 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:21 executing program 1 (fault-call:1 fault-nth:1):
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:21 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:21 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:21 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:21 executing program 0:
bind$alg(0xffffffffffffffff, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080), 0xf00)

[  135.295132] FAULT_INJECTION: forcing a failure.
[  135.295132] name failslab, interval 1, probability 0, space 0, times 0
[  135.306409] CPU: 0 PID: 8257 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29
[  135.314825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  135.324185] Call Trace:
[  135.326798]  dump_stack+0x1c9/0x2b4
[  135.330441]  ? dump_stack_print_info.cold.2+0x52/0x52
[  135.335654]  ? trace_hardirqs_on+0x10/0x10
[  135.339893]  ? kasan_slab_alloc+0x12/0x20
12:12:21 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:21 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:21 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:21 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0x0)

[  135.344054]  should_fail.cold.4+0xa/0x11
[  135.348123]  ? do_filp_open+0x255/0x380
[  135.352111]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  135.357241]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  135.362792]  ? fib6_node_lookup+0x205/0x290
[  135.367141]  ? fib6_add+0x14d0/0x14d0
[  135.370960]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  135.376513]  ? fib6_table_lookup+0xcac/0x14f0
[  135.381024]  ? rt6_age_exceptions+0x790/0x790
[  135.385706]  ? kasan_check_read+0x11/0x20
[  135.389864]  ? rcu_is_watching+0x8c/0x150
[  135.394030]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  135.398712]  ? trace_hardirqs_on+0x10/0x10
[  135.402957]  __should_failslab+0x124/0x180
[  135.407204]  should_failslab+0x9/0x14
[  135.411021]  kmem_cache_alloc+0x47/0x760
[  135.415089]  ? __save_stack_trace+0x8d/0xf0
[  135.419417]  ? rt6_exception_hash+0x7e0/0x7e0
[  135.423912]  dst_alloc+0xbb/0x1d0
[  135.427363]  ip6_dst_alloc+0x35/0xa0
[  135.431073]  ip6_rt_cache_alloc+0x247/0x7c0
[  135.435391]  ? ip6_create_rt_rcu+0x4c0/0x4c0
[  135.439807]  ? trace_hardirqs_on+0x10/0x10
[  135.444042]  ip6_pol_route+0x8a6/0xd20
[  135.447932]  ? ip6_pol_route_lookup+0x1130/0x1130
[  135.452775]  ? lock_acquire+0x1e4/0x540
[  135.456743]  ? is_bpf_text_address+0xae/0x170
[  135.461229]  ? trace_hardirqs_on+0x10/0x10
[  135.465464]  ip6_pol_route_output+0x54/0x70
[  135.469778]  fib6_rule_lookup+0x140/0x890
[  135.473922]  ? lock_acquire+0x1e4/0x540
[  135.477890]  ? ip6_pol_route_input+0x80/0x80
[  135.482291]  ? fib6_lookup+0x480/0x480
[  135.486180]  ? __dev_get_by_index+0x1c0/0x1c0
[  135.490669]  ? trace_hardirqs_on+0x10/0x10
[  135.494893]  ? do_raw_spin_unlock+0xa7/0x2f0
[  135.499299]  ? kasan_check_write+0x14/0x20
[  135.503540]  ip6_route_output_flags+0x2c5/0x350
[  135.508211]  ip6_dst_lookup_tail+0x1278/0x1da0
[  135.512785]  ? lockdep_init_map+0x9/0x10
[  135.516849]  ? dst_output+0x180/0x180
[  135.520643]  ? trace_hardirqs_on+0x10/0x10
[  135.524870]  ? trace_hardirqs_on+0x10/0x10
[  135.529103]  ? trace_hardirqs_on+0x10/0x10
[  135.533337]  ? trace_hardirqs_on+0x10/0x10
[  135.537560]  ? kasan_check_write+0x14/0x20
[  135.541788]  ? lock_acquire+0x1e4/0x540
[  135.545753]  ? rawv6_sendmsg+0x9ca/0x4720
[  135.549892]  ? lock_downgrade+0x8f0/0x8f0
[  135.554034]  ip6_dst_lookup_flow+0xc8/0x270
[  135.558347]  ? ip6_dst_lookup+0x60/0x60
[  135.562310]  ? kasan_check_write+0x14/0x20
[  135.566539]  ? do_raw_spin_lock+0xc1/0x200
[  135.570767]  rawv6_sendmsg+0xf0e/0x4720
[  135.574739]  ? trace_hardirqs_on+0x10/0x10
[  135.578976]  ? rawv6_getsockopt+0x140/0x140
[  135.583284]  ? trace_hardirqs_on+0x10/0x10
[  135.587519]  ? lock_acquire+0x1e4/0x540
[  135.591495]  ? trace_hardirqs_on+0x10/0x10
[  135.595719]  ? lock_release+0xa30/0xa30
[  135.599691]  ? dput.part.26+0x248/0x7a0
[  135.603662]  ? lock_downgrade+0x8f0/0x8f0
[  135.607810]  ? lock_acquire+0x1e4/0x540
[  135.611773]  ? __might_fault+0x12b/0x1e0
[  135.615829]  ? lock_downgrade+0x8f0/0x8f0
[  135.619975]  ? lock_release+0xa30/0xa30
[  135.623938]  ? check_same_owner+0x340/0x340
[  135.628262]  ? __check_object_size+0xa3/0x5d7
[  135.632759]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.638286]  ? _copy_from_user+0xdf/0x150
[  135.642423]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  135.647428]  ? rw_copy_check_uvector+0x30d/0x3e0
[  135.652198]  inet_sendmsg+0x1a1/0x690
[  135.655986]  ? rawv6_getsockopt+0x140/0x140
[  135.660292]  ? inet_sendmsg+0x1a1/0x690
[  135.664721]  ? copy_msghdr_from_user+0x3c4/0x580
[  135.669476]  ? ipip_gro_receive+0x100/0x100
[  135.673972]  ? move_addr_to_kernel.part.18+0x100/0x100
[  135.679249]  ? security_socket_sendmsg+0x94/0xc0
[  135.683993]  ? ipip_gro_receive+0x100/0x100
[  135.688311]  sock_sendmsg+0xd5/0x120
[  135.692014]  ___sys_sendmsg+0x7fd/0x930
[  135.695979]  ? find_vpid+0xf0/0xf0
[  135.699517]  ? copy_msghdr_from_user+0x580/0x580
[  135.704261]  ? __f_unlock_pos+0x19/0x20
[  135.708223]  ? lock_downgrade+0x8f0/0x8f0
[  135.712366]  ? proc_fail_nth_write+0x9e/0x210
[  135.716859]  ? __fget_light+0x2f7/0x440
[  135.720820]  ? fget_raw+0x20/0x20
[  135.724267]  ? kasan_check_write+0x14/0x20
[  135.728492]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  135.733408]  ? fsnotify+0xbac/0x14e0
[  135.737108]  ? vfs_write+0x2f3/0x560
[  135.740815]  ? wait_for_completion+0x8d0/0x8d0
[  135.745387]  ? lock_release+0xa30/0xa30
[  135.749354]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  135.754879]  ? sockfd_lookup_light+0xc5/0x160
[  135.759362]  __sys_sendmsg+0x11d/0x290
[  135.763239]  ? __ia32_sys_shutdown+0x80/0x80
[  135.767636]  ? __sb_end_write+0xac/0xe0
[  135.771601]  ? fput+0x130/0x1a0
[  135.774871]  ? ksys_write+0x1ae/0x260
[  135.778668]  ? ksys_ioctl+0x81/0xd0
[  135.782290]  __x64_sys_sendmsg+0x78/0xb0
[  135.786341]  do_syscall_64+0x1b9/0x820
[  135.790223]  ? finish_task_switch+0x1d3/0x870
[  135.794710]  ? syscall_return_slowpath+0x5e0/0x5e0
[  135.799626]  ? syscall_return_slowpath+0x31d/0x5e0
[  135.804543]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  135.809549]  ? __switch_to_asm+0x34/0x70
[  135.813596]  ? __switch_to_asm+0x34/0x70
[  135.817658]  ? __switch_to_asm+0x40/0x70
[  135.821705]  ? __switch_to_asm+0x34/0x70
[  135.825752]  ? __switch_to_asm+0x40/0x70
[  135.829807]  ? __switch_to_asm+0x34/0x70
[  135.833863]  ? __switch_to_asm+0x40/0x70
[  135.837916]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  135.842763]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  135.847944] RIP: 0033:0x456a09
[  135.851127] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  135.870196] RSP: 002b:00007fc9d9190c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  135.877891] RAX: ffffffffffffffda RBX: 00007fc9d91916d4 RCX: 0000000000456a09
[  135.885149] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000013
12:12:21 executing program 5:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

[  135.892407] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  135.899672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  135.906946] R13: 00000000004d2fe0 R14: 00000000004c7cf0 R15: 0000000000000000
12:12:21 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0x200000b1)

12:12:21 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
shutdown(r0, 0x0)

12:12:21 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0x0)

12:12:21 executing program 7 (fault-call:2 fault-nth:1):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:21 executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000e15000)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(sha512-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080), 0xf00)

12:12:21 executing program 5:
mlockall(0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:21 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0x8c)
syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x400440)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)=<r1=>0x0)
r2 = fcntl$getown(r0, 0x9)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x1, 0x0)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000200)={r3, r0, 0x61e})
mq_notify(r3, &(0x7f0000000240)={0x0, 0x40, 0x0, @tid=r1})

12:12:21 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$unix(0x1, 0x0, 0x0)
shutdown(r0, 0x0)

12:12:22 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0x0)

[  136.087021] FAULT_INJECTION: forcing a failure.
[  136.087021] name failslab, interval 1, probability 0, space 0, times 0
[  136.098703] CPU: 0 PID: 8303 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29
[  136.107116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.116471] Call Trace:
[  136.119070]  dump_stack+0x1c9/0x2b4
[  136.122716]  ? dump_stack_print_info.cold.2+0x52/0x52
[  136.127927]  ? refcount_add_not_zero_checked+0x330/0x330
[  136.133387]  ? rcu_is_watching+0x8c/0x150
12:12:22 executing program 5:
mlockall(0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:22 executing program 5:
mlockall(0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

[  136.137549]  should_fail.cold.4+0xa/0x11
[  136.141629]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  136.146769]  ? lock_acquire+0x1e4/0x540
[  136.150845]  ? rt6_uncached_list_add+0x1e1/0x280
[  136.155627]  ? lock_downgrade+0x8f0/0x8f0
[  136.159789]  ? kasan_check_read+0x11/0x20
[  136.163957]  ? trace_hardirqs_on+0x10/0x10
[  136.168209]  ? lock_acquire+0x1e4/0x540
[  136.172186]  ? fs_reclaim_acquire+0x20/0x20
[  136.176516]  ? lock_downgrade+0x8f0/0x8f0
[  136.180675]  ? rt6_uncached_list_add+0x1e1/0x280
12:12:22 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

[  136.185446]  ? check_same_owner+0x340/0x340
[  136.189785]  ? rcu_note_context_switch+0x730/0x730
[  136.194723]  ? kasan_check_write+0x14/0x20
[  136.198983]  __should_failslab+0x124/0x180
[  136.203321]  should_failslab+0x9/0x14
[  136.207139]  kmem_cache_alloc_node+0x272/0x780
[  136.211746]  ? is_bpf_text_address+0xae/0x170
[  136.216277]  ? trace_hardirqs_on+0x10/0x10
[  136.220527]  __alloc_skb+0x119/0x770
[  136.224260]  ? ip6_pol_route_output+0x54/0x70
[  136.228761]  ? skb_scrub_packet+0x490/0x490
[  136.233101]  ? ip6_pol_route_input+0x80/0x80
[  136.237523]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  136.243074]  ? xfrm_lookup_with_ifid+0x881/0x2b90
[  136.247946]  ? xfrm_policy_lookup+0x80/0x80
[  136.252295]  ? lock_release+0xa30/0xa30
[  136.256299]  ? kasan_check_write+0x14/0x20
[  136.260564]  alloc_skb_with_frags+0x13f/0x7d0
[  136.265069]  ? ip6_dst_lookup_tail+0xbbb/0x1da0
[  136.269746]  ? trace_hardirqs_on+0xd/0x10
[  136.273913]  ? skb_complete_wifi_ack+0x1e0/0x1e0
[  136.278685]  sock_alloc_send_pskb+0x8aa/0xb20
[  136.283550]  ? trace_hardirqs_on+0x10/0x10
[  136.287793]  ? sock_wmalloc+0x1f0/0x1f0
[  136.291803]  ? trace_hardirqs_on+0x10/0x10
[  136.296042]  ? trace_hardirqs_on+0x10/0x10
[  136.300280]  ? trace_hardirqs_on+0x10/0x10
[  136.304540]  ? kasan_check_write+0x14/0x20
[  136.308794]  ? lock_acquire+0x1e4/0x540
[  136.312779]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  136.318320]  ? xfrm_lookup_route+0x74/0x200
[  136.322662]  ? ip6_dst_lookup_flow+0x1ce/0x270
[  136.327248]  ? ip6_dst_lookup+0x60/0x60
[  136.331233]  sock_alloc_send_skb+0x32/0x40
12:12:22 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

[  136.335477]  rawv6_sendmsg+0x205f/0x4720
[  136.339542]  ? trace_hardirqs_on+0x10/0x10
[  136.343792]  ? rawv6_getsockopt+0x140/0x140
[  136.348120]  ? trace_hardirqs_on+0x10/0x10
[  136.352355]  ? lock_acquire+0x1e4/0x540
[  136.356352]  ? lock_release+0xa30/0xa30
[  136.360330]  ? dput.part.26+0x248/0x7a0
[  136.364302]  ? lock_downgrade+0x8f0/0x8f0
[  136.368446]  ? lock_acquire+0x1e4/0x540
[  136.372416]  ? __might_fault+0x12b/0x1e0
[  136.376466]  ? lock_downgrade+0x8f0/0x8f0
[  136.380613]  ? lock_release+0xa30/0xa30
[  136.384590]  ? check_same_owner+0x340/0x340
[  136.388915]  ? __check_object_size+0xa3/0x5d7
[  136.393413]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  136.398942]  ? _copy_from_user+0xdf/0x150
[  136.403096]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  136.408105]  ? rw_copy_check_uvector+0x30d/0x3e0
[  136.412876]  inet_sendmsg+0x1a1/0x690
[  136.416691]  ? rawv6_getsockopt+0x140/0x140
[  136.420999]  ? inet_sendmsg+0x1a1/0x690
[  136.424967]  ? copy_msghdr_from_user+0x3c4/0x580
[  136.429713]  ? ipip_gro_receive+0x100/0x100
[  136.434030]  ? move_addr_to_kernel.part.18+0x100/0x100
[  136.439298]  ? security_socket_sendmsg+0x94/0xc0
[  136.444044]  ? ipip_gro_receive+0x100/0x100
[  136.448446]  sock_sendmsg+0xd5/0x120
[  136.452150]  ___sys_sendmsg+0x7fd/0x930
[  136.456288]  ? find_vpid+0xf0/0xf0
[  136.459818]  ? copy_msghdr_from_user+0x580/0x580
[  136.464576]  ? __f_unlock_pos+0x19/0x20
[  136.468549]  ? lock_downgrade+0x8f0/0x8f0
[  136.472707]  ? proc_fail_nth_write+0x9e/0x210
[  136.477197]  ? __fget_light+0x2f7/0x440
[  136.481160]  ? fget_raw+0x20/0x20
[  136.484614]  ? kasan_check_write+0x14/0x20
[  136.488850]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  136.493868]  ? fsnotify+0xbac/0x14e0
[  136.497601]  ? vfs_write+0x2f3/0x560
[  136.501318]  ? wait_for_completion+0x8d0/0x8d0
[  136.505896]  ? lock_release+0xa30/0xa30
[  136.509870]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  136.515402]  ? sockfd_lookup_light+0xc5/0x160
[  136.519899]  __sys_sendmsg+0x11d/0x290
[  136.523777]  ? __ia32_sys_shutdown+0x80/0x80
[  136.528195]  ? __sb_end_write+0xac/0xe0
[  136.532168]  ? fput+0x130/0x1a0
[  136.535452]  ? ksys_write+0x1ae/0x260
[  136.539260]  ? ksys_ioctl+0x81/0xd0
[  136.542889]  __x64_sys_sendmsg+0x78/0xb0
[  136.546940]  do_syscall_64+0x1b9/0x820
[  136.550820]  ? finish_task_switch+0x1d3/0x870
[  136.555329]  ? syscall_return_slowpath+0x5e0/0x5e0
[  136.560249]  ? syscall_return_slowpath+0x31d/0x5e0
[  136.565182]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  136.570198]  ? __switch_to_asm+0x34/0x70
[  136.574249]  ? __switch_to_asm+0x34/0x70
[  136.578304]  ? __switch_to_asm+0x40/0x70
[  136.582353]  ? __switch_to_asm+0x34/0x70
[  136.586401]  ? __switch_to_asm+0x40/0x70
[  136.590456]  ? __switch_to_asm+0x34/0x70
[  136.594505]  ? __switch_to_asm+0x40/0x70
[  136.598556]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  136.603400]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  136.608577] RIP: 0033:0x456a09
[  136.611768] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  136.630657] RSP: 002b:00007fc9d9190c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
12:12:22 executing program 4 (fault-call:1 fault-nth:0):
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:22 executing program 6 (fault-call:6 fault-nth:0):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:22 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x4000000011)
read(r0, &(0x7f0000000300)=""/43, 0x2b)

12:12:22 executing program 0:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r1 = gettid()
write$cgroup_pid(r0, &(0x7f0000000000)=r1, 0x12)

12:12:22 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
timer_create(0x6, &(0x7f00000000c0)={0x0, 0x37, 0x2}, &(0x7f0000000180)=<r1=>0x0)
timer_getoverrun(r1)
read(r0, &(0x7f0000000000)=""/177, 0x48f5a469c84307ff)
fcntl$getflags(r0, 0x3)

[  136.638364] RAX: ffffffffffffffda RBX: 00007fc9d91916d4 RCX: 0000000000456a09
[  136.645623] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000013
[  136.652885] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  136.660151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  136.667412] R13: 00000000004d2fe0 R14: 00000000004c7cf0 R15: 0000000000000001
[  136.727595] FAULT_INJECTION: forcing a failure.
[  136.727595] name failslab, interval 1, probability 0, space 0, times 0
[  136.738874] CPU: 1 PID: 8325 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  136.747275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  136.756720] Call Trace:
[  136.757850] FAULT_INJECTION: forcing a failure.
[  136.757850] name failslab, interval 1, probability 0, space 0, times 0
[  136.759316]  dump_stack+0x1c9/0x2b4
[  136.759331]  ? dump_stack_print_info.cold.2+0x52/0x52
[  136.759364]  ? lock_acquire+0x1e4/0x540
[  136.783889]  ? get_pid_task+0xd8/0x1a0
[  136.787778]  should_fail.cold.4+0xa/0x11
[  136.791832]  ? lock_release+0xa30/0xa30
[  136.795797]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  136.800892]  ? find_vpid+0xf0/0xf0
[  136.804478]  ? __f_unlock_pos+0x19/0x20
[  136.808445]  ? lock_downgrade+0x8f0/0x8f0
[  136.812587]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  136.818113]  ? proc_fail_nth_write+0x9e/0x210
[  136.822606]  ? proc_cwd_link+0x1d0/0x1d0
[  136.826655]  ? kasan_check_read+0x11/0x20
[  136.830800]  ? do_raw_spin_unlock+0xa7/0x2f0
[  136.835199]  ? lock_acquire+0x1e4/0x540
[  136.839163]  ? fs_reclaim_acquire+0x20/0x20
[  136.843476]  ? lock_downgrade+0x8f0/0x8f0
[  136.847618]  ? check_same_owner+0x340/0x340
[  136.851970]  ? fsnotify_first_mark+0x350/0x350
[  136.856546]  ? __fsnotify_parent+0xcc/0x420
[  136.860858]  ? rcu_note_context_switch+0x730/0x730
[  136.865775]  ? fsnotify+0x14e0/0x14e0
[  136.869566]  __should_failslab+0x124/0x180
[  136.873789]  should_failslab+0x9/0x14
[  136.877576]  __kmalloc_track_caller+0x2c4/0x760
[  136.882236]  ? strncpy_from_user+0x510/0x510
[  136.886634]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  136.892157]  ? strndup_user+0x77/0xd0
[  136.895945]  memdup_user+0x2c/0xa0
[  136.899477]  strndup_user+0x77/0xd0
[  136.903095]  ksys_mount+0x3c/0x140
[  136.906637]  __x64_sys_mount+0xbe/0x150
[  136.910604]  do_syscall_64+0x1b9/0x820
[  136.914482]  ? finish_task_switch+0x1d3/0x870
[  136.918969]  ? syscall_return_slowpath+0x5e0/0x5e0
[  136.923889]  ? syscall_return_slowpath+0x31d/0x5e0
[  136.928807]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  136.933821]  ? __switch_to_asm+0x34/0x70
[  136.937876]  ? __switch_to_asm+0x34/0x70
[  136.941929]  ? __switch_to_asm+0x40/0x70
[  136.945978]  ? __switch_to_asm+0x34/0x70
[  136.950024]  ? __switch_to_asm+0x40/0x70
[  136.954076]  ? __switch_to_asm+0x34/0x70
[  136.958126]  ? __switch_to_asm+0x40/0x70
[  136.962189]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  136.967039]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  136.972218] RIP: 0033:0x456a09
[  136.975407] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  136.994297] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  137.001995] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  137.009353] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  137.016710] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
12:12:22 executing program 1:
socket$xdp(0x2c, 0x3, 0x0)
r0 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x2, 0x94080)
write$P9_RLOPEN(r0, &(0x7f00000001c0)={0x18, 0xd, 0x2, {{0x1, 0x0, 0x4}, 0x6}}, 0x18)
r1 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r1, &(0x7f0000000000)=""/177, 0xb1)
r2 = syz_open_dev$mice(&(0x7f0000000380)='/dev/input/mice\x00', 0x0, 0x101000)
ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000200)={[{0x6, 0x7f, 0x5, 0x5, 0x2, 0x6, 0x7, 0x9, 0xd81f, 0x4, 0x4, 0x9, 0x4}, {0x46f, 0xffff, 0xb5d3, 0x65b, 0x7, 0xc86, 0x100000000, 0xb1e, 0x3, 0x4, 0x8, 0xfff, 0xf38}, {0xffffffffffff2646, 0x1, 0x4, 0x7, 0x40, 0x5, 0x2, 0x1000, 0x101, 0x81, 0x7a, 0xa58a, 0xfff}], 0x3})
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000280)={0x1, 0x5, 0x1ff, 0x7, 0x401})
write$P9_RLOPEN(r0, &(0x7f00000000c0)={0x18, 0xd, 0x2, {{0x1, 0x4, 0x4}, 0x7}}, 0x18)

12:12:22 executing program 7 (fault-call:2 fault-nth:2):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:22 executing program 0:
recvmsg(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f0000000040)=ANY=[], 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000400)=""/17, 0x11}, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='attr/fscreate\x00')
pwritev(r0, &(0x7f0000001400), 0x2a6, 0x7ffffffff000)

[  137.023965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  137.031220] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000000
[  137.038494] CPU: 0 PID: 8336 Comm: syz-executor4 Not tainted 4.18.0-rc7-next-20180801+ #29
[  137.047286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.056638] Call Trace:
[  137.059229]  dump_stack+0x1c9/0x2b4
[  137.063184]  ? dump_stack_print_info.cold.2+0x52/0x52
[  137.068392]  should_fail.cold.4+0xa/0x11
[  137.072475]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  137.077592]  ? lock_acquire+0x1e4/0x540
[  137.081663]  ? __fdget_pos+0x1bb/0x200
[  137.085560]  ? lock_release+0xa30/0xa30
[  137.089554]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  137.095099]  ? _parse_integer+0x13b/0x190
[  137.099253]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  137.104789]  ? _kstrtoull+0x188/0x250
[  137.108596]  ? _parse_integer+0x190/0x190
[  137.112954]  ? lock_release+0xa30/0xa30
[  137.116953]  ? check_same_owner+0x340/0x340
[  137.121295]  ? lock_acquire+0x1e4/0x540
[  137.125280]  ? fs_reclaim_acquire+0x20/0x20
[  137.129613]  ? lock_downgrade+0x8f0/0x8f0
[  137.133768]  ? check_same_owner+0x340/0x340
[  137.138105]  ? rcu_note_context_switch+0x730/0x730
[  137.143048]  __should_failslab+0x124/0x180
[  137.147286]  should_failslab+0x9/0x14
[  137.151093]  __kmalloc+0x2c8/0x760
[  137.154634]  ? __f_unlock_pos+0x19/0x20
[  137.158611]  ? lock_downgrade+0x8f0/0x8f0
[  137.162773]  ? load_msg+0x42/0x320
[  137.166318]  load_msg+0x42/0x320
[  137.169688]  ? kasan_check_read+0x11/0x20
[  137.173845]  do_msgrcv+0x294/0x1780
12:12:23 executing program 6 (fault-call:6 fault-nth:1):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  137.177478]  ? copy_compat_msqid_to_user+0x950/0x950
[  137.182614]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  137.187548]  ? vfs_write+0x2f3/0x560
[  137.191268]  ? wait_for_completion+0x8d0/0x8d0
[  137.195859]  ? do_msgsnd+0x17a0/0x17a0
[  137.199770]  ? fsnotify_first_mark+0x350/0x350
[  137.204364]  ? __fsnotify_parent+0xcc/0x420
[  137.208688]  ? fsnotify+0x14e0/0x14e0
[  137.211685] FAULT_INJECTION: forcing a failure.
[  137.211685] name failslab, interval 1, probability 0, space 0, times 0
[  137.212501]  ? __sb_end_write+0xac/0xe0
[  137.212521]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  137.212543]  ? fput+0x130/0x1a0
[  137.236445]  ? ksys_write+0x1ae/0x260
[  137.240243]  ? __ia32_sys_read+0xb0/0xb0
[  137.244296]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  137.249833]  __x64_sys_msgrcv+0xc5/0x150
[  137.253885]  ? __x64_sys_msgrcv+0xc5/0x150
[  137.258117]  do_syscall_64+0x1b9/0x820
[  137.261998]  ? finish_task_switch+0x1d3/0x870
[  137.266489]  ? syscall_return_slowpath+0x5e0/0x5e0
[  137.271412]  ? syscall_return_slowpath+0x31d/0x5e0
[  137.276335]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  137.281348]  ? __switch_to_asm+0x34/0x70
[  137.285400]  ? __switch_to_asm+0x34/0x70
[  137.289454]  ? __switch_to_asm+0x40/0x70
[  137.293513]  ? __switch_to_asm+0x34/0x70
[  137.297564]  ? __switch_to_asm+0x40/0x70
[  137.301630]  ? __switch_to_asm+0x34/0x70
[  137.305702]  ? __switch_to_asm+0x40/0x70
[  137.309848]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  137.314711]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  137.319897] RIP: 0033:0x456a09
[  137.323099] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  137.342439] RSP: 002b:00007f5311395c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000046
[  137.350147] RAX: ffffffffffffffda RBX: 00007f53113966d4 RCX: 0000000000456a09
[  137.357412] RDX: 0000000000000057 RSI: 0000000020000140 RDI: 0000000000000000
[  137.364689] RBP: 0000000000930140 R08: a4a3ad41a879dde0 R09: 0000000000000000
[  137.371951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013
[  137.379214] R13: 00000000004d19c0 R14: 00000000004c6fc2 R15: 0000000000000000
[  137.386488] CPU: 1 PID: 8348 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  137.394896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.404250] Call Trace:
[  137.406851]  dump_stack+0x1c9/0x2b4
[  137.408560] FAULT_INJECTION: forcing a failure.
[  137.408560] name failslab, interval 1, probability 0, space 0, times 0
[  137.410487]  ? dump_stack_print_info.cold.2+0x52/0x52
[  137.410502]  ? __kernel_text_address+0xd/0x40
[  137.410526]  ? unwind_get_return_address+0x61/0xa0
[  137.436571]  should_fail.cold.4+0xa/0x11
[  137.440628]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  137.445721]  ? save_stack+0xa9/0xd0
[  137.449339]  ? kasan_kmalloc+0xc4/0xe0
[  137.453217]  ? __kmalloc_track_caller+0x14a/0x760
[  137.458046]  ? memdup_user+0x2c/0xa0
[  137.461767]  ? strndup_user+0x77/0xd0
[  137.465567]  ? ksys_mount+0x3c/0x140
[  137.469272]  ? __x64_sys_mount+0xbe/0x150
[  137.473414]  ? do_syscall_64+0x1b9/0x820
[  137.477480]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  137.483007]  ? proc_fail_nth_write+0x9e/0x210
[  137.487493]  ? proc_cwd_link+0x1d0/0x1d0
[  137.491543]  ? kasan_check_read+0x11/0x20
[  137.495693]  ? do_raw_spin_unlock+0xa7/0x2f0
[  137.500098]  ? lock_acquire+0x1e4/0x540
[  137.504073]  ? fs_reclaim_acquire+0x20/0x20
[  137.508388]  ? lock_downgrade+0x8f0/0x8f0
[  137.512527]  ? check_same_owner+0x340/0x340
[  137.516848]  ? lock_release+0xa30/0xa30
[  137.520822]  ? check_same_owner+0x340/0x340
[  137.525132]  ? rcu_note_context_switch+0x730/0x730
[  137.530054]  ? __check_object_size+0xa3/0x5d7
[  137.534542]  __should_failslab+0x124/0x180
[  137.538778]  should_failslab+0x9/0x14
[  137.542572]  kmem_cache_alloc_trace+0x2cb/0x780
[  137.547236]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.552764]  ? _copy_from_user+0xdf/0x150
[  137.556905]  copy_mount_options+0x5f/0x380
[  137.561130]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.566674]  ksys_mount+0xd0/0x140
[  137.570206]  __x64_sys_mount+0xbe/0x150
[  137.574182]  do_syscall_64+0x1b9/0x820
[  137.578058]  ? finish_task_switch+0x1d3/0x870
[  137.582549]  ? syscall_return_slowpath+0x5e0/0x5e0
[  137.587471]  ? syscall_return_slowpath+0x31d/0x5e0
[  137.592393]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  137.597398]  ? __switch_to_asm+0x34/0x70
[  137.601449]  ? __switch_to_asm+0x34/0x70
[  137.605497]  ? __switch_to_asm+0x40/0x70
[  137.609552]  ? __switch_to_asm+0x34/0x70
[  137.613607]  ? __switch_to_asm+0x40/0x70
[  137.617658]  ? __switch_to_asm+0x34/0x70
[  137.621806]  ? __switch_to_asm+0x40/0x70
[  137.625859]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  137.630717]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  137.635893] RIP: 0033:0x456a09
[  137.639082] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  137.657981] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  137.665682] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  137.672946] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
12:12:23 executing program 0:
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x10b203, 0x0)
r1 = syz_open_dev$ndb(&(0x7f00000000c0)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140))
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000600)=""/143)
bind$alg(r2, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_GET_PIT(r3, 0xc048ae65, &(0x7f0000000540))
r4 = add_key(&(0x7f0000000480)='.dead\x00', &(0x7f00000006c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000700)="802c901fe4ab4522e5ddba8c6fc5e57f3d5bc538023044244fc07ace62f60aa8c8cc58648a97572fb91b848e160942b53d7abe3670f928a09781195fd7876ce064a8097cb7f20266f9a5c363f745eb0efefcee778e5445dd8ee4c7bc7a014f3224c45c25c43d9088101b59332f77adf29d6ac3fb373343c03032653f12f2375679f11c521b4bf5e1d6ea64ca3b26531576ed57c1102744800a7757e41841f5ef780702dfeafe00b942621ab592e9a0bb231e2090a4a6fea0463fea4d06583d40fbd6fa67216ebf2ccccb44cdc55671b519139d9bc983ba490095de66b9be6a4828ea0127ae5688a2b8e0a2c3f43f82a8fb19a4a91726bb0bb213def91e4bcf91c234d14597c2ef3853686633a9545d017da6f636c4d90761eb2f5a96e909da0c46527dd45bcf0fcf1d886aa0ebf10a2c7db68e8514437832f9e47257f956c4a68ea51d900a7db621c435d3ab4a0d446e4a7ca00a0cd50bfd588c24634efe0f220790125b3d32144e06cd2b32c54e6e9e5f101f54c147fe6eb5c9d7171ba2d2ae12344cbc50113b6fc6e20f8eb9ce6b8738bfc28b64fd3b7b8e0244c2fc1d04001b2cc4cd4150d0dfc66c9f7d7d723a91fe6169a6f1fa742d5838f84a373c3b8a0c63efc3c29d4003d32762645dfbb276b5f7181293f8e8a0f8e26ccc25128ed8cecf2240bb4c3dfcf24b15eb55b368ef461407019d27f33149115832919e0c3d8c10e1b1efcb9292af0ee62e220659f3a3d7e08fce3785ac978339f0312cd72317ec61235091b9b47e7c1dfff1c4fa825762ca76ac593b7a02624206159e8074bfcf9c72cb7c38b3428dc101ca4c310413747ad41d9d2e862900ff8a89deddc49bdb9c85b651f7f1da12189428337e4c7eccc9158c8157640e809b8d29cff6366bb875a9eb1876b88a3958ed205e571029d16abcb679b1d2f0df42e61626afd030423c7a7d6763342051653c07e72b03fd09a45321872e5fc48e29197fcca45e565b862de482828449b26b27c1e52fd9f5d05f27f7065d71353967755795512c67d14a335d88d9bf8a5daca7f3782805c52590336700cd477449302e2c4ba3e1f649f4f1009de0369464c7eb1b315a305baca18658ee6cd9d2995bed87604655c99d3e02fd8d645277db51ff47a2e1f137b5882aa60adbba495de3d6bd5c0d226d598978cc35fcf45ba525374698467b8d6478b4988787ebc62187e04c9adef439e5b912970cd682ee8f34a8dee7df5b6a9211605ebdb3e32034a9029e0240c59ffca124e49c5174ec7920867f33fc74edf93e8aec644b6f9cfc905143e504e5b6476174396c9a7508c48a8cf45a95fa4cd04c494f8964bbc145b4b43b170a32930f64e18636d5342cefc0ee67ed6b046f75af4774e3f1374d20c986c99494410e418cb0383276245344c82043c21c89eb2a5cae30990367c1ce1fa9c4f87943328af2d28438df93b413c6ada066dda14260f0e5ec74cb396e8caefe2857bb66934b70642398f13f0135feb9e839d7fb4ce1b0d1fae62e5d34e3a87711d57ab0c15af54477e407cd055f483989264b5436745a279fc0664606b3d7b6d652d5d38c6f16687f2b1a36faad4faae6a68d81cb197488491db96d06288065d4b60bf747ccb561f2187132603d349ac69884982769724d7e201653d62f803624ffa7bb438a6c090625178dfd5efe5b9e75e9175a301c7f1268f2c376074e146ad11f30d5e855029b477a3fcedadadde7b96389ff5d24f162dd9be4b5c77deabe5e24d6bce41f9a60eb9b7b70a50ee9e520a4bd1378fe4229ea056703962bde47f2934ccc28a4da1693cd23b9270b2791f0fb764cd6dd1459b297a322dd2d467945c533fcc88ed4686ef915ebdab370e35730b136f372676a8109267968aa554e39653ecc96140e59d4a6b9bae08b9bf039db40d6528e5d44442c7b16368d75842c07429d2b655ac580f7faaacd9ff2e8308231802df56e56eb05ecd0559ad60a2cfb561f0a1c7216ae6f30485827c707b6a843acd0f65c6ccdd2bb8f4314f1f6d4baf2f1b1e23f827b1571f8fc66c6cf6b7b3520bc3e05908e10deae853e4af57c6922fc1343b38ce8ebe153aab02cfb4a2d8ac3e749b4c04f2b9a7478dc78e0277e0386a182098db351875dd64efc1dbad211d0fa6e0cfeab5b387801f751cfe9065a0474ed38afc35f0d2b8e222039dcecdf1d1871f4637b4f8f696edb463e9b238f85b1b8634b2fe7c393e3cb9433e44934a9ab1003b759a54636b4617d0477993ff3c3a3ab9ae0a65d6b4189ed186bc35169294545a75d3b6787da895093697d0dcac824129524d8e08fdde32ddc62ce4aa38d1152cf90b9668659ccc749a497167df0911907472b0621ce0f8310e1274837cfdc1659440ba314f0cf399d8267699da1146e40739ad81ad87c9e174228f1664cd88200e8c11b25cfb33c19a53f08a43624bd31aac40a8bfe2f24f182fd353c719c8cd04555f10ad40f85e30742755679483bcc32818bd8a812a31065bfa66cf8ee002aa40627b7dd0d73fbc575159b3d04753116385996765c95c7b901608b21f4ffa1a287d61579a28df2580cc2c8731b0d3bdeba1e69434bc2ffa22522ecaaa31a40e6139c8b10cd89f258bb0518c94670ee53d516ec449e469ea935acb7f106cc95a048aaf3971fd0e0abb78f790d035bd97580f48f92021a408fdfc9e4a7dd7ec52cc8fabdbc235d72a196ca13316279c0c8a6a4403ac9b01e7a55cd0aef58fc9b116ea46fcc245ebc7520f3de4cde36eafffdc684a08cc07278c23dbb2cfe59b26ceeb10ea74d01cb1f85c51ccca79d02f7e36ce8c5c19b6d9bd6bf3599a57aa93797956026d53a50edd91c3f59e4b23b3f769d49329b173b8b4aee454cd5b4099fee11ceec990977cb57b1574f38717c3f16ff241da4dcde77fa96d1da43940342f4e7ded4c1521130dbfd74ced480e78c83db80c5a69ed81fe2d0a91227dc5c67782e9646bb2bea7ea5abc36eb330ce926d7072da0cea43c5698c0087d5451c4a8b4d18e4956d30a5043a21a52ab690f5ad733816b759adcd8bd4a8eb0167d62905ea626ad940b6631e657b9c0b28adacf05bdd88505742bbd53f76233419d2660edc59a1b8ce28b8b94991ad9bf2dd416edae5f9b93dc97fc7891c23918693266785a10df01f29ef868c05df3e937d8b4d7e8ff1d52a63996928532d1e762ebc5d69c5b58c0b4004b253b0c7b3acc1d53db96370a9e51c783511ec1c6f3ef746e28b8e196b3899a2f4e78f5abb1628a47709ea4b8ab14ca0bdbdfd30d1385a3e5a3cced75abd811e7f9eccf697743fc84d80e60df9b2d40f66186f105ba4c53d7d8eaf904a89a51a943849f14ef40edef250d6a9e9cc90aa2512a4b26fded5d5ba254e7f4d08b0b9db05c904fd075b55a322c375795d2731058f5b15a4cb5818cbc3eddba4a9b2ba8f5447c4f93d4590476f2dae2dd8e2dc860b101eb74c0ec0497c6bab1243affec1ee09bd94236ca77dfb20f8e856775d64713a987a309325eb627105ca9ae8810f4197207f6bfc141bf718a32830ae09b96a34e35e04c046860a3ab34f47cbf9647c59b5a7de3ed4619ea48f65aa8696d2bd4309c34ebd2f79ac8587ce655b3d6b135dcb525a3ef50d662c1ad9ddb15cdfaf138eb46e83175686b1374c55d0d165da89a4ced4303daa43019073c75957ddb538717041abd75daea6bb48499fad2ca67154c396e33cdbc7c04ba88615f009da851ea65794fcefc13d70b36198e75b7c61dc24ec1debd4de42f25c2c80aa4facdf0c990049503c81f684c78b8e032f7a5e2f958c57dbf34b89937a7dc9958a38666fa055a4bdbfdeb5e9da175788884a7ac44e86de7c31bc5677965509198ac176de02b06df8f595dfb66618fc7c978616654e0b2541982479295f77677455b72c9887559401fe7e61f1e3df93cd6f34073f0c0bb0b1a164938b0a9103a139daa08dcf79444db0ba3f5c5d8d623fdf636adefba08f2c0a5fa63ec597e522c68837ef51e681a57bae741c3a03cd37e8e58f522232f9d095e5788662b0ef3afab908a71afc918ea770f98d9cb3cb0bab8e7ceb1e3216e990c11e50a064c2d4bf19c2e192bbddc6c869e12b84422909d798354034cefb0b05d90cc821000155a559ad33157e2a7827a3b69cafdd4aff491ba37781d9c897d1228ff0379c9af41b9f8ab9d45bc9d56aa3dcd41d1f975eced32ab464ae33970e96879fb66ac27c9a2cfce9a2245b99a17f3ca380460fe41f53c673e55e06101ab80a59138d49010bf39bbb30a623f00485ff1dd31131f6c89d7b25d6cce6db702c2c8fcac6bc1ad87f53bf8c1bcbfa2d0c0fa5cfba90c48f429835b13b21c248d1b327b3d5ebc7b01afce50e8fc67b8f7b6570d8ad18f5645da8b65a4efa9c9d94519d4de90c87a21dc9ed56e2787fdacf98c7cd2daa53b6546eaf8659d1f22c4bff5e3822499ec9ee974039dc6290961549ecb5fca12ee81ce4153cd0b0ea2df484bb09359e09b9eb27e9aeb8e55192b711581df2d2672f2efe7c0846bbd5bc29342964083528b5818d13b82db0264578ded73ad64ac79a8df34e50b898a59d2aef845a320fa03853f1d10cf8ab23584c063b004e521df9fc0920d6bf0f3077e47298d000f05e90ff605f732faf4392113dd2e4a190797b692331488882173c8d19799a9ca6bc2f2f0d1c7b7a89a5b9251506a7224e44645243a2456a97fcb68384a5fad8d31a8605219ae61e33165728871940af51834dc77f4af034d05e9f08a4c4e740226ead91f6300cef4ff81afe86347de1b67cbba95dd5f8079319e36d5aa359d0cee42e57e23d29caa682ad6ca85dec9b61280133cd93e1c9086cf03c540e849b1f68b6200c36fbbd762c98a210bfbed76d87ef483e491ca8887a370a3d73090d2ccc2037d6197899d56345b5b6d1dc3014e0b7316cac45cf1640e764c87f3bfcab09e05c6f85092e7e600e7f5573c6843ce7396e94269f0704b1fd6414283b02a3f777a72f1f9e003837d42d8122761a003a7a3376e2383cc680662101746e7f96ac180623f78c125decbb1861379932fa748f5ae471cbaf11983c41c4cc71699ee870603ce6c6a103397cf22705eb0abcf36e4c7907f9ec2f4dcf62819ba689b15d76e983aff11424d4e49e2677d61937ea0c29b6ccfcf3cac025478e50fb39fb8efb0f69e9f0c401c026f313295ee9955e27c68c93794a8def5360945c32d7621242fe19db22a74497e755ac2cbb9d9083c65fd76784f55a13c0e93f5ea8cb5e0fa4b836942b9428634ad0d20ba1b360e3208fe75c724a8b01af4514eef326ceddcf4e72a588a85fad5530517e7bdd2a9426c572ac55ba18ac54933a5ea9658ef5d3605843df855996680fbd321a0d69d326752338655ad6f4600957e62aab43b5bb08472f0fe9630cf844f93b4bb847303a0b5574af24b7fb16aa9dbc6aa9d333c8812bf06a77d26ae4427dc51ac48798e57a8112a5d5d27b1eef8af705dc684df2cfaced36a82fc15f0c34663d36022dc7991acb37732c6162fe18c1147cd5661a19453247869984e53b4e3573497d5fe13fb1af5488c1b744ab980d0132041b63486173b1ad61e417db79d40b835ab0dac1480a10f306e3a08c1a936dde0b3e14bd90e456d4ee7412461ebc3f5e471ab9018e2e9bbfad0cd1a5732bdb70978e3a02cd102719cc396e57a2008a554ed0119ce2536e90144fe9a93ed6199a45e1b432fc6d69cbe6b14e6552f83616ec7d3e11aa74ec670090a1a683c63f46da8a0bfc8e9cd13bbe1caa16da33163f8cfae727", 0x1000, 0xffffffffffffffff)
r5 = add_key$keyring(&(0x7f0000001a80)='keyring\x00', &(0x7f0000001ac0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$instantiate_iov(0x14, r4, &(0x7f0000001a00)=[{&(0x7f0000001700)="71c0c33537f7c1278da9905ea22d85c67a6c1e6441a7910ca25da8caf86e28d0cef86ab8c7bebcfe3f15992013de0ca7a99f1101110516e38069b1e429fd2995e36081a3e6d3e21a34ea", 0x4a}, {&(0x7f0000001840)="9f2afa1af25801e65d3c6d61be05ce5ae51c5c4859cd3c355ed37f7ac23e3e12618be7edff55e519bbdad959b4cbc7c9cf9c646dfaa18750510591df8c2a85c63192e273624dff7bead26db100863bac54bad1ecc898c1cd8d0a22dadc9bcc5b2d041d26895f40cc959077921781a15ac742b9e5ebeef587b4c3", 0x7a}, {&(0x7f0000001900)}], 0x3, r5)
accept4$llc(r3, &(0x7f00000005c0), &(0x7f00000004c0), 0x80000)
accept4(r2, 0x0, &(0x7f0000000140)=0xffffff0f, 0x0)
ioctl$EVIOCGUNIQ(r3, 0x80404508, &(0x7f0000000380)=""/131)
r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x2000, 0x0)
renameat2(r3, &(0x7f0000001900)='./file0\x00', r6, &(0x7f0000001b00)='./file0\x00', 0x2)

[  137.680216] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  137.687493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  137.694762] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000001
[  137.702040] CPU: 0 PID: 8350 Comm: syz-executor7 Not tainted 4.18.0-rc7-next-20180801+ #29
[  137.710554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  137.719919] Call Trace:
[  137.722519]  dump_stack+0x1c9/0x2b4
[  137.726149]  ? dump_stack_print_info.cold.2+0x52/0x52
[  137.731357]  should_fail.cold.4+0xa/0x11
[  137.735442]  ? __kernel_text_address+0xd/0x40
[  137.739958]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  137.745086]  ? __save_stack_trace+0x8d/0xf0
[  137.745105]  ? save_stack+0xa9/0xd0
[  137.753041]  ? save_stack+0x43/0xd0
[  137.756675]  ? kasan_kmalloc+0xc4/0xe0
[  137.760569]  ? kasan_slab_alloc+0x12/0x20
[  137.764738]  ? kmem_cache_alloc_node+0x144/0x780
[  137.764755]  ? __alloc_skb+0x119/0x770
[  137.764776]  ? alloc_skb_with_frags+0x13f/0x7d0
[  137.764796]  ? sock_alloc_send_pskb+0x8aa/0xb20
[  137.764807]  ? sock_alloc_send_skb+0x32/0x40
[  137.764822]  ? rawv6_sendmsg+0x205f/0x4720
[  137.764835]  ? inet_sendmsg+0x1a1/0x690
[  137.764847]  ? sock_sendmsg+0xd5/0x120
[  137.764858]  ? ___sys_sendmsg+0x7fd/0x930
[  137.764870]  ? __sys_sendmsg+0x11d/0x290
[  137.764893]  ? do_syscall_64+0x1b9/0x820
[  137.764916]  ? lock_acquire+0x1e4/0x540
[  137.815630]  ? fs_reclaim_acquire+0x20/0x20
[  137.819973]  ? lock_downgrade+0x8f0/0x8f0
[  137.824137]  ? check_same_owner+0x340/0x340
[  137.828557]  ? lock_downgrade+0x8f0/0x8f0
[  137.832815]  ? rt6_uncached_list_add+0x1e1/0x280
[  137.837580]  ? rcu_note_context_switch+0x730/0x730
[  137.842518]  __should_failslab+0x124/0x180
[  137.846758]  should_failslab+0x9/0x14
[  137.850576]  kmem_cache_alloc_node_trace+0x26f/0x770
[  137.855698]  ? kasan_kmalloc+0xc4/0xe0
[  137.859603]  __kmalloc_node_track_caller+0x33/0x70
[  137.864649]  __kmalloc_reserve.isra.41+0x3a/0xe0
[  137.869416]  __alloc_skb+0x155/0x770
[  137.873136]  ? ip6_pol_route_output+0x54/0x70
[  137.877639]  ? skb_scrub_packet+0x490/0x490
[  137.881970]  ? ip6_pol_route_input+0x80/0x80
[  137.886394]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  137.891945]  ? xfrm_lookup_with_ifid+0x881/0x2b90
[  137.897010]  ? xfrm_policy_lookup+0x80/0x80
[  137.901360]  ? lock_release+0xa30/0xa30
[  137.905345]  ? kasan_check_write+0x14/0x20
[  137.909598]  alloc_skb_with_frags+0x13f/0x7d0
[  137.914105]  ? ip6_dst_lookup_tail+0xbbb/0x1da0
[  137.918789]  ? trace_hardirqs_on+0xd/0x10
[  137.922949]  ? skb_complete_wifi_ack+0x1e0/0x1e0
[  137.927825]  sock_alloc_send_pskb+0x8aa/0xb20
[  137.932336]  ? trace_hardirqs_on+0x10/0x10
[  137.936595]  ? sock_wmalloc+0x1f0/0x1f0
[  137.940585]  ? trace_hardirqs_on+0x10/0x10
[  137.944842]  ? trace_hardirqs_on+0x10/0x10
[  137.949098]  ? trace_hardirqs_on+0x10/0x10
[  137.953342]  ? kasan_check_write+0x14/0x20
[  137.957650]  ? lock_acquire+0x1e4/0x540
[  137.961737]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  137.967308]  ? xfrm_lookup_route+0x74/0x200
[  137.971638]  ? ip6_dst_lookup_flow+0x1ce/0x270
[  137.976227]  ? ip6_dst_lookup+0x60/0x60
[  137.980212]  sock_alloc_send_skb+0x32/0x40
[  137.984550]  rawv6_sendmsg+0x205f/0x4720
[  137.988719]  ? trace_hardirqs_on+0x10/0x10
[  137.992971]  ? rawv6_getsockopt+0x140/0x140
[  137.997344]  ? trace_hardirqs_on+0x10/0x10
[  138.001679]  ? lock_acquire+0x1e4/0x540
[  138.005760]  ? lock_release+0xa30/0xa30
[  138.009735]  ? dput.part.26+0x248/0x7a0
[  138.013702]  ? lock_downgrade+0x8f0/0x8f0
[  138.017844]  ? lock_acquire+0x1e4/0x540
[  138.021811]  ? __might_fault+0x12b/0x1e0
[  138.025862]  ? lock_downgrade+0x8f0/0x8f0
[  138.030004]  ? lock_release+0xa30/0xa30
[  138.033970]  ? check_same_owner+0x340/0x340
[  138.038301]  ? __check_object_size+0xa3/0x5d7
[  138.042794]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.048340]  ? _copy_from_user+0xdf/0x150
[  138.052483]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  138.057484]  ? rw_copy_check_uvector+0x30d/0x3e0
[  138.062231]  inet_sendmsg+0x1a1/0x690
[  138.066024]  ? rawv6_getsockopt+0x140/0x140
[  138.070327]  ? inet_sendmsg+0x1a1/0x690
[  138.074295]  ? copy_msghdr_from_user+0x3c4/0x580
[  138.079037]  ? ipip_gro_receive+0x100/0x100
[  138.083344]  ? move_addr_to_kernel.part.18+0x100/0x100
[  138.088613]  ? security_socket_sendmsg+0x94/0xc0
[  138.093353]  ? ipip_gro_receive+0x100/0x100
[  138.097662]  sock_sendmsg+0xd5/0x120
[  138.101361]  ___sys_sendmsg+0x7fd/0x930
[  138.105417]  ? find_vpid+0xf0/0xf0
[  138.108946]  ? copy_msghdr_from_user+0x580/0x580
[  138.113789]  ? __f_unlock_pos+0x19/0x20
[  138.117785]  ? lock_downgrade+0x8f0/0x8f0
[  138.121919]  ? proc_fail_nth_write+0x9e/0x210
[  138.126401]  ? __fget_light+0x2f7/0x440
[  138.130362]  ? fget_raw+0x20/0x20
[  138.133799]  ? kasan_check_write+0x14/0x20
[  138.138027]  ? __mutex_unlock_slowpath+0x197/0x8c0
[  138.142952]  ? fsnotify+0xbac/0x14e0
[  138.146681]  ? vfs_write+0x2f3/0x560
[  138.150415]  ? wait_for_completion+0x8d0/0x8d0
[  138.155012]  ? lock_release+0xa30/0xa30
[  138.158979]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.164518]  ? sockfd_lookup_light+0xc5/0x160
[  138.169025]  __sys_sendmsg+0x11d/0x290
[  138.172916]  ? __ia32_sys_shutdown+0x80/0x80
[  138.177323]  ? __sb_end_write+0xac/0xe0
[  138.181289]  ? fput+0x130/0x1a0
[  138.184556]  ? ksys_write+0x1ae/0x260
[  138.188344]  ? ksys_ioctl+0x81/0xd0
[  138.191958]  __x64_sys_sendmsg+0x78/0xb0
[  138.196025]  do_syscall_64+0x1b9/0x820
[  138.199900]  ? finish_task_switch+0x1d3/0x870
[  138.204395]  ? syscall_return_slowpath+0x5e0/0x5e0
[  138.209321]  ? syscall_return_slowpath+0x31d/0x5e0
[  138.214240]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  138.219255]  ? __switch_to_asm+0x34/0x70
[  138.223317]  ? __switch_to_asm+0x34/0x70
[  138.227629]  ? __switch_to_asm+0x40/0x70
[  138.231679]  ? __switch_to_asm+0x34/0x70
[  138.235737]  ? __switch_to_asm+0x40/0x70
[  138.239785]  ? __switch_to_asm+0x34/0x70
[  138.243829]  ? __switch_to_asm+0x40/0x70
[  138.247893]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  138.252907]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  138.258090] RIP: 0033:0x456a09
[  138.261277] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  138.280948] RSP: 002b:00007fc9d9190c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.288641] RAX: ffffffffffffffda RBX: 00007fc9d91916d4 RCX: 0000000000456a09
[  138.295903] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000013
[  138.303168] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  138.310433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  138.317701] R13: 00000000004d2fe0 R14: 00000000004c7cf0 R15: 0000000000000002
12:12:24 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$unix(0x1, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x0)

12:12:24 executing program 6 (fault-call:6 fault-nth:2):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:24 executing program 0:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(r0, 0x2201, &(0x7f0000000000))

12:12:24 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:24 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:24 executing program 1:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000000c0))
readlink(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=""/235, 0xeb)
r1 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x200000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
mount(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='nsfs\x00', 0x40000, 0x0)
read(r1, &(0x7f0000000000)=""/177, 0xb1)

12:12:24 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:24 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc))
r2 = syz_open_pts(r1, 0x0)
ioctl$TIOCCONS(r2, 0x541d)
dup2(r0, r1)

[  138.454493] FAULT_INJECTION: forcing a failure.
[  138.454493] name failslab, interval 1, probability 0, space 0, times 0
[  138.465812] CPU: 0 PID: 8389 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  138.474324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  138.483806] Call Trace:
[  138.486411]  dump_stack+0x1c9/0x2b4
[  138.490057]  ? dump_stack_print_info.cold.2+0x52/0x52
[  138.495263]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  138.500060]  ? perf_trace_lock+0xde/0x920
[  138.504242]  should_fail.cold.4+0xa/0x11
[  138.508321]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  138.513436]  ? lock_release+0xa30/0xa30
[  138.517619]  ? kasan_check_read+0x11/0x20
[  138.521778]  ? rcu_is_watching+0x8c/0x150
[  138.525932]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  138.530620]  ? kernel_text_address+0x79/0xf0
[  138.535143]  ? lock_acquire+0x1e4/0x540
[  138.539125]  ? fs_reclaim_acquire+0x20/0x20
[  138.543463]  ? lock_downgrade+0x8f0/0x8f0
[  138.547682]  ? check_same_owner+0x340/0x340
[  138.552027]  ? rcu_note_context_switch+0x730/0x730
[  138.556970]  ? copy_mount_options+0x5f/0x380
[  138.561410]  ? ksys_mount+0xd0/0x140
[  138.565165]  __should_failslab+0x124/0x180
[  138.569631]  should_failslab+0x9/0x14
[  138.573707]  kmem_cache_alloc+0x2af/0x760
[  138.577881]  getname_flags+0xd0/0x5a0
[  138.581741]  ? fs_reclaim_acquire+0x20/0x20
[  138.586072]  user_path_at_empty+0x2d/0x50
[  138.590253]  do_mount+0x17f/0x1e20
[  138.593906]  ? check_same_owner+0x340/0x340
[  138.598252]  ? lock_release+0xa30/0xa30
[  138.602371]  ? copy_mount_string+0x40/0x40
[  138.606646]  ? kasan_kmalloc+0xc4/0xe0
[  138.610562]  ? kmem_cache_alloc_trace+0x318/0x780
[  138.615440]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  138.621118]  ? _copy_from_user+0xdf/0x150
[  138.625298]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  138.630871]  ? copy_mount_options+0x285/0x380
[  138.635506]  ksys_mount+0x12d/0x140
[  138.639172]  __x64_sys_mount+0xbe/0x150
[  138.643163]  do_syscall_64+0x1b9/0x820
[  138.647070]  ? syscall_slow_exit_work+0x500/0x500
[  138.651920]  ? syscall_return_slowpath+0x5e0/0x5e0
[  138.656860]  ? syscall_return_slowpath+0x31d/0x5e0
[  138.661821]  ? prepare_exit_to_usermode+0x291/0x3b0
[  138.666856]  ? perf_trace_sys_enter+0xb10/0xb10
[  138.671543]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  138.676738]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  138.682030] RIP: 0033:0x456a09
[  138.685232] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:12:24 executing program 0:
r0 = perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x1000, &(0x7f0000000240)=ANY=[])
r1 = syz_open_dev$amidi(&(0x7f0000000280)='/dev/amidi#\x00', 0x3f, 0x444403)
ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f00000002c0)=0xcd)
fsetxattr(r0, &(0x7f0000000200)=@known='security.selinux\x00', &(0x7f0000000240)='}[,wlan0vboxnet0+#cpusetT\x00', 0x1a, 0x1)
open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0)
sendfile(0xffffffffffffffff, r2, &(0x7f00000000c0), 0x8080fffffffe)

12:12:24 executing program 2:
syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000280)='memory.:vents\x00', 0x0, 0x0)

12:12:24 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:24 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000200)={<r1=>0x0}, &(0x7f0000000240)=0xc)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3f, 0x6, 0x0, 0x80, 0x0, 0x400, 0x0, 0x4, 0x10000, 0x1, 0x1000, 0x69, 0x3, 0x101, 0x8171, 0x3, 0xffffffff00000000, 0x1000, 0xffffffffffffffc1, 0x80000001, 0x3, 0xfffffffffffffc01, 0x0, 0x1000, 0x3, 0x6, 0x2, 0x1000, 0x2, 0x5, 0x4d1, 0x140, 0xb7, 0x6, 0xfffffffffffffffb, 0x100000001, 0x0, 0x81, 0x0, @perf_bp={&(0x7f00000000c0), 0x1}, 0x2000c, 0x8, 0x4, 0x6, 0x2, 0x2, 0xd20c}, r1, 0x9, r0, 0x1)

12:12:24 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xf5ffffff00000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  138.704143] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  138.711871] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  138.719148] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  138.726455] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  138.733741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  138.741020] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000002
12:12:24 executing program 3:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000dc9ff0)={0x2, 0x4e20, @rand_addr}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f00000000c0)=0x17f, 0x4)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r0, &(0x7f0000000100)="1b", 0x1, 0x20000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f0000000100), 0x229f, 0x4008000, 0x0, 0xb4)

12:12:24 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x20000197, 0x0, 0xa4a3ad41a879dde0)

12:12:24 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xf401000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:24 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
fcntl$dupfd(r0, 0x4000000000409, r0)

[  138.837083] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
12:12:24 executing program 6 (fault-call:6 fault-nth:3):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:24 executing program 0:
recvmmsg(0xffffffffffffff9c, &(0x7f0000002800)=[{{&(0x7f0000001340)=@xdp, 0x80, &(0x7f00000026c0), 0x0, &(0x7f0000002740)=""/191, 0xbf}}], 0x1, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x802, 0x0)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000080)={0x0, 0x882200})

12:12:24 executing program 1:
r0 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0xaa85, 0x200880)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x40000, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r2, &(0x7f0000000000)=""/177, 0xb1)

12:12:24 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x1000000, 0xa4a3ad41a879dde0)

12:12:24 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x2000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:24 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='selfeth0{system\x00'}, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00')
sendmsg$IPVS_CMD_GET_INFO(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xa8, r2, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x44, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x1a}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'nr0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0xf}}]}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}]}, 0xa8}}, 0x20040880)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

[  139.037100] veth0_to_bond: FDB only supports static addresses
[  139.080391] FAULT_INJECTION: forcing a failure.
[  139.080391] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  139.092252] CPU: 1 PID: 8463 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  139.100661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.110107] Call Trace:
[  139.112702]  dump_stack+0x1c9/0x2b4
[  139.116316]  ? dump_stack_print_info.cold.2+0x52/0x52
[  139.121494]  should_fail.cold.4+0xa/0x11
[  139.125590]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  139.130722]  ? lock_acquire+0x1e4/0x540
[  139.134684]  ? remove_entity_load_avg+0x228/0x2e0
[  139.139510]  ? lock_downgrade+0x8f0/0x8f0
[  139.143647]  ? __free_pages+0x149/0x190
[  139.147606]  ? free_unref_page+0x9a0/0x9a0
[  139.151824]  ? account_kernel_stack+0x2bd/0x410
[  139.156484]  ? trace_hardirqs_on+0xd/0x10
[  139.160626]  ? put_task_stack+0x188/0x2c0
[  139.164765]  ? kasan_check_write+0x14/0x20
[  139.169032]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  139.174587]  ? should_fail+0x246/0xd86
[  139.178464]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  139.183554]  ? __switch_to_asm+0x40/0x70
[  139.187639]  ? __switch_to_asm+0x34/0x70
[  139.191688]  ? __switch_to_asm+0x40/0x70
[  139.195738]  __alloc_pages_nodemask+0x36e/0xdb0
[  139.200394]  ? __switch_to_asm+0x34/0x70
[  139.204440]  ? __switch_to_asm+0x40/0x70
[  139.208489]  ? __alloc_pages_slowpath+0x2d30/0x2d30
[  139.213495]  ? __sched_text_start+0x8/0x8
[  139.217631]  ? __kernel_text_address+0xd/0x40
[  139.222114]  ? lock_acquire+0x1e4/0x540
[  139.226075]  ? fs_reclaim_acquire+0x20/0x20
[  139.230383]  ? lock_downgrade+0x8f0/0x8f0
[  139.234523]  ? lock_release+0xa30/0xa30
[  139.238484]  ? check_same_owner+0x340/0x340
[  139.242797]  cache_grow_begin+0x91/0x710
[  139.246852]  kmem_cache_alloc+0x689/0x760
[  139.250987]  ? do_raw_spin_unlock+0xa7/0x2f0
[  139.255385]  getname_flags+0xd0/0x5a0
[  139.259181]  ? fs_reclaim_acquire+0x20/0x20
[  139.263488]  user_path_at_empty+0x2d/0x50
[  139.267627]  do_mount+0x17f/0x1e20
[  139.271160]  ? check_same_owner+0x340/0x340
[  139.275466]  ? lock_release+0xa30/0xa30
[  139.279434]  ? copy_mount_string+0x40/0x40
[  139.283657]  ? retint_kernel+0x10/0x10
[  139.287530]  ? copy_mount_options+0x1f0/0x380
[  139.292010]  ? copy_mount_options+0x1f6/0x380
[  139.296499]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  139.302023]  ? copy_mount_options+0x285/0x380
[  139.306503]  ksys_mount+0x12d/0x140
[  139.310117]  __x64_sys_mount+0xbe/0x150
[  139.314086]  do_syscall_64+0x1b9/0x820
[  139.317969]  ? syscall_return_slowpath+0x5e0/0x5e0
[  139.322884]  ? syscall_return_slowpath+0x31d/0x5e0
[  139.327800]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  139.332798]  ? __switch_to_asm+0x34/0x70
[  139.336844]  ? __switch_to_asm+0x34/0x70
[  139.340893]  ? __switch_to_asm+0x40/0x70
[  139.344940]  ? __switch_to_asm+0x34/0x70
[  139.348983]  ? __switch_to_asm+0x34/0x70
[  139.353026]  ? __switch_to_asm+0x40/0x70
[  139.357073]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  139.361908]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  139.367080] RIP: 0033:0x456a09
[  139.370264] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  139.389148] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.396840] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  139.404095] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  139.411445] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  139.418699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
12:12:25 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x8dffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:25 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x2000000, 0xa4a3ad41a879dde0)

[  139.425951] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000003
12:12:25 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:25 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

[  139.519213] veth0_to_bond: FDB only supports static addresses
12:12:25 executing program 3:
r0 = socket(0x1f, 0x2000000000000005, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xa9, {}, 0x0, 0x2}, 0xe)

12:12:25 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x2, 0xa4a3ad41a879dde0)

12:12:25 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x9000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x0, 0x100000001}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup2(r0, r0)
ioctl$KVM_TRANSLATE(r1, 0xc018ae85, &(0x7f00000000c0)={0x4000, 0x10000, 0x3, 0x401, 0x3})
read(r0, &(0x7f0000000000)=""/177, 0xb1)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f00000001c0))
syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x800, 0x40000)

12:12:25 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:25 executing program 6 (fault-call:6 fault-nth:4):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:25 executing program 3:
r0 = socket$inet(0x2, 0x200000002, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21}, 0x10)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000000c0)=""/239, 0xef}, 0x0)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000200)=0xffffdffffffffffc, 0x4)
syz_emit_ethernet(0x2e6, &(0x7f0000000040)={@link_local, @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, @udp={0x0, 0x4e21, 0x8}}}}}, 0x0)

12:12:25 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x100000000000000, 0xa4a3ad41a879dde0)

12:12:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:25 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f0000000040)={<r2=>0x0, 0x593a4528}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000240)={r2, @in={{0x2, 0x4e24, @loopback}}, 0x7, 0x1, 0xfffffffffffff000, 0x80000000, 0x401}, &(0x7f00000000c0)=0x98)
read(r0, &(0x7f0000000180)=""/177, 0xb1)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000300)="1d5c7fe1e1cb687b5918d873370201c74e975b2cf317af5887eb354c82eb168ea9889d9b8c1527a4bc4e81fb62ada7af2b88aefa0e6ba4891802059f5a2eea377659f60f77c22f3ccac1ff1427f526010ea24fcd5ed2648548bf1ce2148cac513ccd07b16d5ac5b97e606713ec4c4c20d3ca9d1eb72356e97514912750d5a747bd98f84e66f587078eb83d51ea4b5ab3de05717a533bca0762d823034fefec66f98228463ccb97c8d0bc2170be60ef39c91f0ce46d7a6bc6ce2f5a789cc6ca996e1eb7eb02702f86ec6d424dd27f6778ec751494371d647765f8305396821856e8")

[  139.676967] veth0_to_bond: FDB only supports static addresses
[  139.697451] FAULT_INJECTION: forcing a failure.
[  139.697451] name failslab, interval 1, probability 0, space 0, times 0
[  139.708959] CPU: 0 PID: 8506 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  139.717371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  139.727015] Call Trace:
[  139.729615]  dump_stack+0x1c9/0x2b4
[  139.733255]  ? dump_stack_print_info.cold.2+0x52/0x52
[  139.738454]  ? filename_lookup+0x397/0x510
[  139.742801]  ? user_path_at_empty+0x40/0x50
[  139.747136]  ? do_mount+0x17f/0x1e20
[  139.750878]  ? ksys_mount+0x12d/0x140
[  139.754694]  ? do_syscall_64+0x1b9/0x820
[  139.758779]  should_fail.cold.4+0xa/0x11
[  139.762951]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  139.768057]  ? kasan_check_write+0x14/0x20
[  139.772299]  ? do_raw_spin_lock+0xc1/0x200
12:12:25 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

[  139.776544]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  139.781652]  ? debug_check_no_obj_freed+0x30b/0x595
[  139.786677]  ? trace_hardirqs_off+0xd/0x10
[  139.790913]  ? quarantine_put+0x10d/0x1b0
[  139.795074]  ? lock_acquire+0x1e4/0x540
[  139.799155]  ? fs_reclaim_acquire+0x20/0x20
[  139.803489]  ? lock_downgrade+0x8f0/0x8f0
[  139.807646]  ? check_same_owner+0x340/0x340
[  139.812047]  ? lock_downgrade+0x8f0/0x8f0
[  139.816202]  ? rcu_note_context_switch+0x730/0x730
[  139.821143]  __should_failslab+0x124/0x180
12:12:25 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xc0fe, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  139.825384]  should_failslab+0x9/0x14
[  139.829195]  kmem_cache_alloc_trace+0x2cb/0x780
[  139.832615] veth0_to_bond: FDB only supports static addresses
[  139.833868]  ? kasan_check_write+0x14/0x20
[  139.833884]  ? do_raw_read_unlock+0x3f/0x60
[  139.833903]  vfs_new_fs_context+0x5a/0x6d0
[  139.833921]  do_mount+0x605/0x1e20
[  139.856182]  ? check_same_owner+0x340/0x340
[  139.860509]  ? lock_release+0xa30/0xa30
[  139.864490]  ? copy_mount_string+0x40/0x40
[  139.868727]  ? kasan_kmalloc+0xc4/0xe0
[  139.872629]  ? kmem_cache_alloc_trace+0x318/0x780
12:12:25 executing program 1:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xd, 0xfffffffffffffffc, 0x8, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x0, 0xffffffffffffff94, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x10001, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000040)={<r1=>0x0, 0xfffffffffffffff9, 0x80000001, 0x3, 0x3, 0xe66a}, &(0x7f0000000080)=0x14)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000180)={r1, 0x5a1c, 0x4, 0x6b8c3598, 0x2, 0x8}, 0x14)
read(r0, &(0x7f0000000300)=""/177, 0x201)

[  139.877482]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  139.883120]  ? _copy_from_user+0xdf/0x150
[  139.887281]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  139.892819]  ? copy_mount_options+0x285/0x380
[  139.897319]  ksys_mount+0x12d/0x140
[  139.900953]  __x64_sys_mount+0xbe/0x150
[  139.904935]  do_syscall_64+0x1b9/0x820
[  139.908822]  ? finish_task_switch+0x1d3/0x870
[  139.913326]  ? syscall_return_slowpath+0x5e0/0x5e0
[  139.918259]  ? syscall_return_slowpath+0x31d/0x5e0
[  139.923190]  ? prepare_exit_to_usermode+0x3b0/0x3b0
12:12:25 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xe803000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

[  139.928209]  ? __switch_to_asm+0x34/0x70
[  139.932292]  ? __switch_to_asm+0x34/0x70
[  139.936351]  ? __switch_to_asm+0x40/0x70
[  139.940411]  ? __switch_to_asm+0x34/0x70
[  139.944474]  ? __switch_to_asm+0x40/0x70
[  139.948640]  ? __switch_to_asm+0x34/0x70
[  139.952715]  ? __switch_to_asm+0x40/0x70
[  139.956776]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  139.961641]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  139.966832] RIP: 0033:0x456a09
12:12:25 executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x11, 0x4, 0x4, 0x5, 0x0, 0x1}, 0x2c)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000100)}, 0x10)

12:12:25 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

[  139.970031] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  139.989129] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  139.996950] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  140.004224] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  140.011495] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  140.018778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
12:12:25 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x500000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  140.026053] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000004
12:12:26 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:26 executing program 1:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x18b3bd7aed1b00de, 0x0)
syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x200, 0x100)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)
syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x8eae, 0x80000)
r1 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r1, &(0x7f0000000000)=""/177, 0xb1)

12:12:26 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x200000000000000, 0xa4a3ad41a879dde0)

12:12:26 executing program 6 (fault-call:6 fault-nth:5):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:26 executing program 3:
syz_mount_image$vfat(&(0x7f00000001c0)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='utf8=1'])
syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, &(0x7f0000000340)=ANY=[])
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fchdir(r0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)="2e2f63f482840000008000000000702e6e65", 0x1ff)

12:12:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:26 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup3(r0, r0, 0x80000)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000080)={0x5, 0x1, 0x8, 0x4, &(0x7f0000000040)=[{}]})
read(r0, &(0x7f0000000180)=""/177, 0xb1)

12:12:26 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x38000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  140.261341] FAULT_INJECTION: forcing a failure.
[  140.261341] name failslab, interval 1, probability 0, space 0, times 0
[  140.272673] CPU: 1 PID: 8584 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  140.281136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.290490] Call Trace:
[  140.293098]  dump_stack+0x1c9/0x2b4
[  140.296732]  ? dump_stack_print_info.cold.2+0x52/0x52
[  140.301932]  ? kernel_text_address+0x79/0xf0
[  140.306350]  should_fail.cold.4+0xa/0x11
[  140.310424]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  140.315540]  ? save_stack+0xa9/0xd0
[  140.319175]  ? save_stack+0x43/0xd0
[  140.322805]  ? kasan_kmalloc+0xc4/0xe0
[  140.326707]  ? vfs_new_fs_context+0x5a/0x6d0
[  140.331121]  ? do_mount+0x605/0x1e20
[  140.334836]  ? ksys_mount+0x12d/0x140
[  140.338647]  ? __x64_sys_mount+0xbe/0x150
[  140.342800]  ? do_syscall_64+0x1b9/0x820
[  140.346870]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  140.352243]  ? trace_hardirqs_off+0xd/0x10
[  140.356497]  ? quarantine_put+0x10d/0x1b0
[  140.360667]  ? lock_acquire+0x1e4/0x540
[  140.364649]  ? fs_reclaim_acquire+0x20/0x20
[  140.368975]  ? lock_downgrade+0x8f0/0x8f0
[  140.373133]  ? fs_reclaim_acquire+0x20/0x20
[  140.377471]  ? check_same_owner+0x340/0x340
[  140.381807]  ? debug_mutex_init+0x2d/0x60
[  140.385971]  ? rcu_note_context_switch+0x730/0x730
[  140.390909]  __should_failslab+0x124/0x180
[  140.395147]  should_failslab+0x9/0x14
[  140.398957]  kmem_cache_alloc_trace+0x2cb/0x780
[  140.403640]  ? put_fs_context+0x500/0x500
[  140.407800]  legacy_init_fs_context+0x49/0xd0
[  140.412303]  ? refcount_inc_checked+0x29/0x70
[  140.416807]  vfs_new_fs_context+0x2c3/0x6d0
[  140.421139]  do_mount+0x605/0x1e20
[  140.424687]  ? check_same_owner+0x340/0x340
[  140.429013]  ? lock_release+0xa30/0xa30
[  140.433003]  ? copy_mount_string+0x40/0x40
[  140.437245]  ? retint_kernel+0x10/0x10
[  140.441147]  ? copy_mount_options+0x1a1/0x380
[  140.445650]  ? __sanitizer_cov_trace_pc+0x48/0x50
[  140.450511]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  140.456065]  ? copy_mount_options+0x285/0x380
[  140.460568]  ksys_mount+0x12d/0x140
[  140.464202]  __x64_sys_mount+0xbe/0x150
[  140.468185]  do_syscall_64+0x1b9/0x820
[  140.472077]  ? finish_task_switch+0x1d3/0x870
[  140.476673]  ? syscall_return_slowpath+0x5e0/0x5e0
[  140.481607]  ? syscall_return_slowpath+0x31d/0x5e0
[  140.486543]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  140.491564]  ? __switch_to_asm+0x34/0x70
[  140.496286]  ? __switch_to_asm+0x34/0x70
[  140.500351]  ? __switch_to_asm+0x40/0x70
[  140.504414]  ? __switch_to_asm+0x34/0x70
[  140.508477]  ? __switch_to_asm+0x40/0x70
[  140.512538]  ? __switch_to_asm+0x34/0x70
[  140.516599]  ? __switch_to_asm+0x40/0x70
[  140.520665]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  140.525517]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  140.530705] RIP: 0033:0x456a09
[  140.533902] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  140.552895] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
12:12:26 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:26 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000ac0)=ANY=[@ANYRES32=0x0, @ANYBLOB="bc04000052f2ac73d206aa32e23b5b843e6888324f2c9875e5670cd6d70b30acf677462fcf1d8361d26f71f8f0a124b0cc2419cfb10a19f6d39b6030c2c7bdb77d12e9f3c0311e4cc66173f4a60a8f554a200ef06d0e1fdd1d5a1033cce3cadc74cd16a4e92c458dffbf587b195e27688a390245e4770a76c529fd98ab59fc40d5979eb63a9abc90f9efa5151228c787908d2f84ea8f3f2dfccf6ff562c92a3eec45c946f5b1ea3ef70cb1a47656cb54e65b746cf5bd402f588e4fd77f7c32caee44b9a4f658af47b69f1ed79c5ce1a82dec1f9f8b434da68acc9a25b4bfe18a014e6f154bc02cf1389e68e7fd36a19e888c940dc0c0de1db3370b16cef2e28d7e2da8ea6a9310760b20844633c78a36c7a3a8e99d43b5b9f466dacc027193fc90a374461cf4c270441db1f4660e864b203dbae79ddf19cf0df72af72fd0addd04ad519ea253f6af6b7aafa6ba9bde761515f9381b3bf773de0781bf77c739d5e4eaee4af2e9616f9d9f688e036c3bac0e5166eb90971d22c2c265f393a5342e249816dfed70aeeb1138912da6c5f13bf8afb0362fa2d59f27c842169e0ad1f415c9efa263a1a3a6e3849b2f988d6828cad122508df65d3e728c4e061e86abdbce2ec90ecfc736417db69c8c6fd4794f261c97e2eaf69857e27309fae3815a032cf705a3decb6b944b96ae02ede75f51efd547d9518cb2e9633177d5c5d9cb618dd9a469bc42e7c4a0881c4c90ab2168615b5aa4cb93f336a70424371abfba32340a32e80ad983f460a2872aedb714d1ef79bc4a9149bd135232fae3425d32c9329da7b83a2f220ccc259770e87a8ffd8336e7cf875628af8d19838331e93987117f91486824e2fa38ac867de54afe9c598a7584126905c75df0921401d6f17a149684b518290d028ace983cfec3512aa66ac7e5fc71d2815a833081cecb76bd60117e62414998a83a87f805dd5bc14f07ffbcb0d481ed6a075679413928e2b348d9c18f5eacd47a9983c01be9e8621fa8e5d2b33a15543600d632b5eb973c038928627c59f46d5d81df0cb453e0c2309acbae403d9a5c6483f0acc12ab46eefdf1e5a326991baafb8d326da9eef18b7a756209a1aa680ded1526d92a35b0008c3d6c84f610bc24cc4f7dca4b44d8aa977eeae2941ba203a937e792486cf6042bd0e19478edff047dfed57afa324e73318a2b3f37866205aaa350c94a78918188a1843a88f6573dbe7992f52761477b8b4b969fcdb789aee1abcf2b9457080c640027312c8c823fa2d38bc948594d2821e88dda0aada9a51203bc3ff4b850f7268605264c41641e078847a60527ca88bd359499a9e38bc77afbc466fcd1631a539f649ae9935f08a096fe47dae75d4f104aec452277bce963cfe7753c01d1786b7bec4bf23e900666e9203d97bdcd234b33a5f911e2e939425c3f5aabf25d4d7f9896e11e1e1413fe91e20454e92dd39c0016fe728c6d02d3b07d944604acae6e57064ef6151e7fe956ddfdc671cab26245bb8b345f963a4bfcef2c0250f50b7a17d918cf5ac4e6cd14281660be520501805e86bd441c8537957c21c886f85750dbc0c6f365f2bc1e3c7829c40c8f27a74e4bc0f3c839c1be00bd04a123146abc2e7a173d65f6cfa90a2e6e07159416f40fc4d055c85dc762c271cfff2da21deb17e1db35a5cc9904b5bb75e041fc54117d0cce76677b7acab7adb8392a950"], &(0x7f00000001c0)=0x2)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x1, 0x1, 0x0, 0x6}, &(0x7f0000000a80)=0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000013000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, &(0x7f0000000040)="c4e32d7d0b02dff40f22e70f01d165660f3881ab00000000650f01591bc4c3715cd700c4e3314ca9897e0000ba3e0fc76ec88fc9d89ade", 0x37}], 0x1, 0x0, &(0x7f0000000100), 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff}, 0x111, 0xb}}, 0x20)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x40, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000300)={0x12, 0x10, 0xfa00, {&(0x7f0000000100), r5, r6}}, 0x18)
ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000080)={'eql\x00', {0x2, 0x4e24, @remote}})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:26 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:26 executing program 1:
mkdir(&(0x7f0000000200)='./file0\x00', 0x18)
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000180)={0x5, 0x0, [{}, {}, {}, {}, {}]})
read(r0, &(0x7f0000000000)=""/177, 0xb1)
pipe2(&(0x7f0000000540)={<r2=>0xffffffffffffffff}, 0x80000)
shutdown(r2, 0x1)

12:12:26 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfc, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:26 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x700000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:26 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:26 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x3800000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:26 executing program 2:
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

[  140.560610] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  140.567898] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  140.575169] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  140.582443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  140.589713] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000005
12:12:26 executing program 6 (fault-call:6 fault-nth:6):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  140.609753] FAT-fs (loop3): bogus number of reserved sectors
[  140.615705] FAT-fs (loop3): Can't find a valid FAT filesystem
[  140.719886] FAULT_INJECTION: forcing a failure.
[  140.719886] name failslab, interval 1, probability 0, space 0, times 0
[  140.731306] CPU: 0 PID: 8633 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  140.739712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  140.749275] Call Trace:
[  140.751877]  dump_stack+0x1c9/0x2b4
[  140.755612]  ? dump_stack_print_info.cold.2+0x52/0x52
[  140.760812]  ? perf_trace_lock+0xde/0x920
[  140.764975]  should_fail.cold.4+0xa/0x11
[  140.769137]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  140.774459]  ? save_stack+0xa9/0xd0
[  140.778108]  ? save_stack+0x43/0xd0
[  140.781748]  ? kasan_kmalloc+0xc4/0xe0
[  140.785677]  ? kmem_cache_alloc_trace+0x152/0x780
[  140.790540]  ? legacy_init_fs_context+0x49/0xd0
[  140.795221]  ? vfs_new_fs_context+0x2c3/0x6d0
[  140.799726]  ? ksys_mount+0x12d/0x140
[  140.799894] FAT-fs (loop3): bogus number of reserved sectors
[  140.803556]  ? __x64_sys_mount+0xbe/0x150
[  140.803578]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  140.803601]  ? do_syscall_64+0x1b9/0x820
[  140.809404] FAT-fs (loop3): Can't find a valid FAT filesystem
[  140.813536]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  140.813562]  ? lock_acquire+0x1e4/0x540
[  140.813580]  ? fs_reclaim_acquire+0x20/0x20
[  140.842845]  ? lock_downgrade+0x8f0/0x8f0
[  140.846994]  ? lock_downgrade+0x8f0/0x8f0
[  140.851135]  ? lock_release+0xa30/0xa30
[  140.855094]  ? check_same_owner+0x340/0x340
[  140.859400]  ? check_same_owner+0x340/0x340
[  140.863712]  ? debug_mutex_init+0x2d/0x60
[  140.867852]  ? rcu_note_context_switch+0x730/0x730
[  140.872772]  __should_failslab+0x124/0x180
[  140.876991]  should_failslab+0x9/0x14
[  140.880777]  __kmalloc_track_caller+0x2c4/0x760
[  140.885429]  ? kmem_cache_alloc_trace+0x318/0x780
[  140.890287]  ? legacy_parse_monolithic+0xde/0x1e0
[  140.895125]  kmemdup+0x24/0x50
[  140.898312]  legacy_parse_monolithic+0xde/0x1e0
[  140.902963]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  140.907713]  do_mount+0x6d1/0x1e20
[  140.911250]  ? check_same_owner+0x340/0x340
[  140.915581]  ? lock_release+0xa30/0xa30
[  140.919554]  ? copy_mount_string+0x40/0x40
[  140.923776]  ? retint_kernel+0x10/0x10
[  140.927650]  ? copy_mount_options+0x1a1/0x380
[  140.932127]  ? copy_mount_options+0x1cc/0x380
[  140.936607]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  140.942130]  ? copy_mount_options+0x285/0x380
[  140.946619]  ksys_mount+0x12d/0x140
[  140.950243]  __x64_sys_mount+0xbe/0x150
[  140.954218]  do_syscall_64+0x1b9/0x820
[  140.958089]  ? finish_task_switch+0x1d3/0x870
[  140.962580]  ? syscall_return_slowpath+0x5e0/0x5e0
[  140.967500]  ? syscall_return_slowpath+0x31d/0x5e0
[  140.972422]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  140.977432]  ? __switch_to_asm+0x34/0x70
[  140.981489]  ? __switch_to_asm+0x34/0x70
[  140.985556]  ? __switch_to_asm+0x40/0x70
[  140.989647]  ? __switch_to_asm+0x34/0x70
[  140.993688]  ? __switch_to_asm+0x40/0x70
[  140.997729]  ? __switch_to_asm+0x34/0x70
[  141.001773]  ? __switch_to_asm+0x40/0x70
[  141.005820]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  141.010660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  141.015830] RIP: 0033:0x456a09
[  141.019006] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  141.037889] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.045608] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  141.052861] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  141.060113] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
12:12:27 executing program 3:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x2000000003, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer\x00', 0x0, 0x0)
r0 = memfd_create(&(0x7f000000e000)='\x00 ', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x101801)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f000002b000)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000080), 0xffffff17)

12:12:27 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x400300, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:27 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:27 executing program 1:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x1ff)
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = geteuid()
syz_mount_image$ntfs(&(0x7f0000000180)='ntfs\x00', &(0x7f00000001c0)='./file0\x00', 0x6, 0x5, &(0x7f0000000480)=[{&(0x7f0000000200)="8e0285b90a8b503db6ffe2515ad2f84222692be94a2314a4e3b287f735a49fafe0be432dffeeee17c54482e9cf51474154bc4352d5cf746b6c4dbd59ff8d0cef482f0f48c8d1bb19b7f31444afc898ecb8dc925ddf328e03c364ccfd171f8d6ceae1f9b8f583b76dd41aa2843b21b9d9a14845d5e8798e4adfe0f23f9ae11e4ca84073b035e36a2356acf844d66f6c111f29d56af3eef080e45db525e3979536148f70ab88cb5bd7883b8bebd6a990bd1a4fe0ada9cb98967ace657589efa7fd1989f4", 0xc3, 0x8}, {&(0x7f0000000300)="f972c1aa8fa14db359b7e0", 0xb, 0x28882cda}, {&(0x7f0000000340)="b364f6efc8950e0833ea7ac7ec528bab60a642d195b1a1d1e1d5ceb57bbac846856ea951e753b3322256c52b43dc1912afc1396b7ea68e906932abacac8494259fe83241dcc465dd03b067df67c75d93e22dd4d3cc5742e5a5358f5f7a01f7e17561319e9019c7b19137fd312ceb1ad6cec2542d6ffd794f636411933a5414a0155bd1e48fbd241c20b9822de1334b", 0x8f, 0x9e5f}, {&(0x7f0000000400)="31e85b10cfc82c8689b5f99c", 0xc, 0x7}, {&(0x7f0000000440)="68235edbcbc85e2227e83887e121f271cc2c666426627f0b0fe9500df34125c6f50792657d020fb7e00fdfcdbe821102a87d7b5219c9c0ab085fcff85edc58", 0x3f, 0x1}], 0xa00000, &(0x7f0000000500)={[{@uid={'uid', 0x3d, r1}}, {@disable_sparse_yes='disable_sparse=yes'}, {@case_sensitive_yes='case_sensitive=yes'}, {@case_sensitive_no='case_sensitive=no'}, {@errors_recover='errors=recover'}]})

12:12:27 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:27 executing program 4:
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x100, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000200)={<r1=>0x0, @in={{0x2, 0x4e24}}}, &(0x7f0000000100)=0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000002c0)={<r2=>0x0, 0xb3, "df94685ea36e2cf169f8d2202b8f94895ee782c235d62f0a73d7f28bca839d3517ed1a33faa9358176f616f08874c96adc20d995f50d44f70bea2301f9ee78083a3ca7e28b5ae80035fec08f9f16976777cbac2adee14d638720c7b877b7dbbe10bd1b7bc4ca3c4ffb23e4ac9f4d06e796c63fe3e4df857a1888a8f1d9a22fe07ba5208192ca31e0898a4155a6c13c2e63387243cbf2f664878de34819ae73d9c79fa456ca409dcc9247efd8e3c42bc417dcee"}, &(0x7f0000000140)=0xbb)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000380)={r1, 0xff, 0x4, 0x81, 0x7fffffff, 0x7, 0x96b2, 0x1, {r2, @in6={{0xa, 0x4e22, 0x1, @mcast1, 0x1}}, 0x2, 0x69d, 0x5, 0xffff, 0x6e97}}, &(0x7f0000000440)=0xb0)
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000480))
msgrcv(0x0, &(0x7f0000000040)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:27 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

12:12:27 executing program 6 (fault-call:6 fault-nth:7):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

[  141.067867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  141.075119] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000006
[  141.154669] ntfs: (device loop1): parse_options(): Unrecognized mount option .
[  141.166943] Unknown ioctl 8830
[  141.180224] FAULT_INJECTION: forcing a failure.
[  141.180224] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  141.192362] CPU: 0 PID: 8664 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
12:12:27 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

[  141.200765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  141.210117] Call Trace:
[  141.212828]  dump_stack+0x1c9/0x2b4
[  141.216477]  ? dump_stack_print_info.cold.2+0x52/0x52
[  141.221685]  should_fail.cold.4+0xa/0x11
[  141.225760]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  141.230868]  ? kasan_check_read+0x11/0x20
[  141.235034]  ? rcu_is_watching+0x8c/0x150
[  141.239220]  ? is_bpf_text_address+0xd7/0x170
[  141.243725]  ? kernel_text_address+0x79/0xf0
[  141.248143]  ? __kernel_text_address+0xd/0x40
12:12:27 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfc00, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  141.252643]  ? unwind_get_return_address+0x61/0xa0
[  141.257578]  ? lock_acquire+0x1e4/0x540
[  141.261559]  ? fs_reclaim_acquire+0x20/0x20
[  141.265881]  ? lock_downgrade+0x8f0/0x8f0
[  141.270060]  ? check_same_owner+0x340/0x340
[  141.274399]  ? rcu_note_context_switch+0x730/0x730
[  141.279349]  ? legacy_parse_monolithic+0xde/0x1e0
[  141.284212]  __alloc_pages_nodemask+0x36e/0xdb0
[  141.288889]  ? trace_hardirqs_off+0xd/0x10
[  141.293132]  ? __alloc_pages_slowpath+0x2d30/0x2d30
[  141.298160]  ? lock_acquire+0x1e4/0x540
[  141.302132]  ? fs_reclaim_acquire+0x20/0x20
[  141.306455]  ? lock_downgrade+0x8f0/0x8f0
[  141.310606]  ? lock_release+0xa30/0xa30
[  141.314579]  ? check_same_owner+0x340/0x340
[  141.318897]  ? check_same_owner+0x340/0x340
[  141.323218]  ? debug_mutex_init+0x2d/0x60
[  141.327371]  ? kasan_unpoison_shadow+0x35/0x50
[  141.331965]  ? kasan_kmalloc+0xc4/0xe0
[  141.335861]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  141.341407]  alloc_pages_current+0x10c/0x210
[  141.345825]  get_zeroed_page+0x14/0x50
[  141.349718]  legacy_validate+0x133/0x220
12:12:27 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x60, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  141.353786]  ? vfs_set_fs_source+0x180/0x180
[  141.358216]  vfs_get_tree+0x144/0x5c0
[  141.362029]  do_mount+0x6f2/0x1e20
[  141.364078] Unknown ioctl 8830
[  141.365572]  ? check_same_owner+0x340/0x340
[  141.365591]  ? lock_release+0xa30/0xa30
[  141.365611]  ? copy_mount_string+0x40/0x40
[  141.365629]  ? kasan_kmalloc+0xc4/0xe0
[  141.385188]  ? kmem_cache_alloc_trace+0x318/0x780
[  141.390033]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.395567]  ? _copy_from_user+0xdf/0x150
[  141.399718]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  141.405248]  ? copy_mount_options+0x285/0x380
[  141.409740]  ksys_mount+0x12d/0x140
[  141.414238]  __x64_sys_mount+0xbe/0x150
[  141.418217]  do_syscall_64+0x1b9/0x820
[  141.422094]  ? finish_task_switch+0x1d3/0x870
[  141.426584]  ? syscall_return_slowpath+0x5e0/0x5e0
[  141.431507]  ? syscall_return_slowpath+0x31d/0x5e0
[  141.436449]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  141.441552]  ? __switch_to_asm+0x34/0x70
[  141.445602]  ? __switch_to_asm+0x34/0x70
[  141.449652]  ? __switch_to_asm+0x40/0x70
[  141.453700]  ? __switch_to_asm+0x34/0x70
[  141.457754]  ? __switch_to_asm+0x40/0x70
[  141.461803]  ? __switch_to_asm+0x34/0x70
[  141.465862]  ? __switch_to_asm+0x40/0x70
[  141.469921]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  141.474764]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  141.479952] RIP: 0033:0x456a09
[  141.483138] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  141.502026] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.509815] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  141.517077] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  141.524345] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  141.531605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  141.538877] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000007
12:12:27 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:27 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = getpgrp(0x0)
r1 = accept4$alg(0xffffffffffffff9c, 0x0, 0x0, 0x80000)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x20, 0x4)
getpriority(0x2, r0)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000"], 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:27 executing program 1:
perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x3a1202, 0x0)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000002c0), &(0x7f0000000300)=0xc)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0xc2480, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000080)={<r2=>0x0, 0x19c4000000}, &(0x7f00000000c0)=0x8)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000240)='/dev/uinput\x00', 0x880c0, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000180)={<r3=>r2, 0xffffffff, 0x30, 0x7, 0x7}, &(0x7f00000001c0)=0x18)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000200)={r3, 0x2}, 0x8)

12:12:27 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x20000000011, 0x4, 0x0, 0x400, 0x0, 0xffffffffffffffff, 0x0, [0x14]}, 0x2c)

12:12:27 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:27 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x9, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:27 executing program 6 (fault-call:6 fault-nth:8):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:27 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000980)={{{@in, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@broadcast}}}, &(0x7f0000000500)=0xe8)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000540)={r2, 0x1, 0x1, 0x9, 0x81, 0x1f, 0x4c})
r3 = fcntl$dupfd(r0, 0x0, r0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r3, 0x4010ae68, &(0x7f0000000400)={0x7000, 0x2d8b2d29013b6e46})
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4)
r4 = add_key(&(0x7f0000000040)='.request_key_auth\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000240)="55ab5f9c104880517d1480b709268be74ff6c6d925254c42f11730cd96e7e5a5befb6800e84dc5037e9eb4db31179e2971bf6a3cef9f1ecf854f0ba7ac1d48c1f9be88d6d52a641f5ea9420705dc3e0c79bae5185579fb40bebccff2dd63cc15af5c9a3d9a2b46e15fd594a5bfca6b6d20a4a3297a4ab83ee8d8c0cb413ef11434118e51518f6718ce3635", 0x8b, 0x0)
r5 = getgid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000480)=0xc)
lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
fstat(r0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
lstat(&(0x7f0000000600)='.\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
lstat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
prctl$intptr(0x3e, 0x9)
setsockopt$nfc_llcp_NFC_LLCP_RW(r3, 0x118, 0x0, &(0x7f00000008c0)=0xeb, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000a80)={0x80000000, 0xfff, 0x7fff, 0x1f, 0xfffffffffffffffd, 0xe000000000000000, 0x6, 0x2, 0x13f14c1e, 0xffffffff, 0x100000000}, 0xb)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, <r11=>0x0}, &(0x7f00000007c0)=0xc)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000800)={0x0, 0x0, <r12=>0x0}, &(0x7f0000000840)=0xc)
getgroups(0x8, &(0x7f0000000880)=[r5, r6, r7, r8, r9, r10, r11, r12])
r13 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip6_tables_targets\x00')
ioctl$KVM_GET_IRQCHIP(r13, 0xc208ae62, &(0x7f0000000300))
ioctl$KVM_SET_TSC_KHZ(r13, 0xaea2, 0xfc)
keyctl$clear(0x7, r4)
setsockopt$inet6_tcp_int(r1, 0x6, 0x18, &(0x7f0000000200), 0x4)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x57, 0x0, 0xa4a3ad41a879dde0)

[  141.729866] FAULT_INJECTION: forcing a failure.
[  141.729866] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  141.741754] CPU: 1 PID: 8709 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  141.750139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  141.759472] Call Trace:
[  141.762049]  dump_stack+0x1c9/0x2b4
[  141.765661]  ? dump_stack_print_info.cold.2+0x52/0x52
[  141.770840]  should_fail.cold.4+0xa/0x11
[  141.774975]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  141.779717]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  141.784809]  ? lock_acquire+0x1e4/0x540
[  141.788823]  ? is_bpf_text_address+0xae/0x170
[  141.793305]  ? lock_downgrade+0x8f0/0x8f0
[  141.797443]  ? trace_hardirqs_on+0x10/0x10
[  141.801659]  ? kasan_check_read+0x11/0x20
[  141.805792]  ? rcu_is_watching+0x8c/0x150
[  141.809930]  ? rcu_cleanup_dead_rnp+0x200/0x200
[  141.814584]  ? is_bpf_text_address+0xd7/0x170
[  141.819065]  ? kernel_text_address+0x79/0xf0
[  141.823458]  ? __kernel_text_address+0xd/0x40
[  141.827943]  ? unwind_get_return_address+0x61/0xa0
[  141.832861]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  141.838382]  ? should_fail+0x246/0xd86
[  141.842258]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  141.847353]  __alloc_pages_nodemask+0x36e/0xdb0
[  141.852009]  ? save_stack+0x43/0xd0
[  141.855618]  ? kasan_kmalloc+0xc4/0xe0
[  141.859493]  ? kmem_cache_alloc_trace+0x152/0x780
[  141.864368]  ? __alloc_pages_slowpath+0x2d30/0x2d30
[  141.869371]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  141.874721]  ? do_syscall_64+0x1b9/0x820
[  141.878766]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  141.884120]  ? trace_hardirqs_off+0xd/0x10
[  141.888338]  ? quarantine_put+0x10d/0x1b0
[  141.892473]  ? lock_acquire+0x1e4/0x540
[  141.896435]  ? fs_reclaim_acquire+0x20/0x20
[  141.900739]  ? lock_downgrade+0x8f0/0x8f0
[  141.904873]  ? lock_downgrade+0x8f0/0x8f0
[  141.909046]  ? lock_release+0xa30/0xa30
[  141.913005]  ? lock_release+0xa30/0xa30
[  141.916965]  ? check_same_owner+0x340/0x340
[  141.921273]  ? check_same_owner+0x340/0x340
[  141.925579]  cache_grow_begin+0x91/0x710
[  141.929628]  __kmalloc_track_caller+0x684/0x760
[  141.934285]  ? kmem_cache_alloc_trace+0x318/0x780
[  141.939118]  ? legacy_parse_monolithic+0xde/0x1e0
[  141.943946]  kmemdup+0x24/0x50
[  141.947124]  legacy_parse_monolithic+0xde/0x1e0
[  141.951777]  ? legacy_fs_context_dup+0x1d0/0x1d0
[  141.956519]  do_mount+0x6d1/0x1e20
[  141.960047]  ? copy_mount_string+0x40/0x40
[  141.964264]  ? kasan_kmalloc+0xc4/0xe0
[  141.968138]  ? kmem_cache_alloc_trace+0x318/0x780
[  141.972981]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  141.978514]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  141.984038]  ? copy_mount_options+0x285/0x380
[  141.988521]  ksys_mount+0x12d/0x140
[  141.992137]  __x64_sys_mount+0xbe/0x150
[  141.996095]  do_syscall_64+0x1b9/0x820
[  141.999970]  ? finish_task_switch+0x1d3/0x870
[  142.004454]  ? syscall_return_slowpath+0x5e0/0x5e0
[  142.009368]  ? syscall_return_slowpath+0x31d/0x5e0
[  142.014282]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  142.019282]  ? __switch_to_asm+0x34/0x70
[  142.023326]  ? __switch_to_asm+0x34/0x70
[  142.027375]  ? __switch_to_asm+0x40/0x70
[  142.031426]  ? __switch_to_asm+0x34/0x70
[  142.035470]  ? __switch_to_asm+0x40/0x70
[  142.039516]  ? __switch_to_asm+0x34/0x70
[  142.043560]  ? __switch_to_asm+0x40/0x70
[  142.047606]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  142.052438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  142.057611] RIP: 0033:0x456a09
[  142.060794] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:12:28 executing program 3:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
getsockopt$llc_int(r0, 0x10c, 0x8, &(0x7f0000000080), &(0x7f00000004c0)=0x4)

12:12:28 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfeffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:28 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

[  142.079679] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  142.087371] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  142.094625] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  142.101879] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  142.109132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  142.116385] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000008
12:12:28 executing program 5:
mlockall(0x1)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)

12:12:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:28 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000d7998b7300000000008f4d1c74acd1b6aa114cfc4768000000000000000000000000070000000000000000000000"], 0x1, 0x0, 0x0)

12:12:28 executing program 3:
pipe2(&(0x7f0000000140)={<r0=>0xffffffffffffffff}, 0x0)
mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000bc8000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
fallocate(r2, 0x20, 0x0, 0x8000)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
dup2(r0, r1)
tee(r3, 0xffffffffffffffff, 0x0, 0x0)

12:12:28 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:28 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xa00, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
fremovexattr(r0, &(0x7f00000000c0)=@random={'osx.', 'system[wlan0GPLsystem[\x00'})

12:12:28 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f0000000100)={<r0=>0xffffffffffffffff}, 0x800)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x0, 0x1, 0x8, &(0x7f0000000080)=[0x0, 0x0], 0x2}, 0x20)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:28 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xffffff8d, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:28 executing program 6 (fault-call:6 fault-nth:9):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:28 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:28 executing program 3:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)=""/193, &(0x7f0000000280)=""/97, &(0x7f0000000300)=""/127})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700)=ANY=[])
ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000440)={0x0, 0x1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000780)={0x1, 0x0, &(0x7f0000000380)=""/115, &(0x7f0000000580)=""/156, &(0x7f0000000940)=""/185})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000006c0)=0x1)

[  142.446915] FAULT_INJECTION: forcing a failure.
[  142.446915] name failslab, interval 1, probability 0, space 0, times 0
[  142.458333] CPU: 0 PID: 8770 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  142.467186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  142.476546] Call Trace:
[  142.479174]  dump_stack+0x1c9/0x2b4
[  142.482829]  ? dump_stack_print_info.cold.2+0x52/0x52
[  142.488043]  ? perf_trace_lock+0xde/0x920
[  142.492208]  should_fail.cold.4+0xa/0x11
[  142.496298]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  142.501426]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  142.506627]  ? bpf_prog_kallsyms_find+0xde/0x4c0
[  142.511409]  ? is_bpf_text_address+0xae/0x170
[  142.515922]  ? lock_downgrade+0x8f0/0x8f0
[  142.520091]  ? lock_release+0xa30/0xa30
[  142.524088]  ? lock_acquire+0x1e4/0x540
[  142.528084]  ? fs_reclaim_acquire+0x20/0x20
[  142.532421]  ? lock_downgrade+0x8f0/0x8f0
[  142.536590]  ? kernel_text_address+0x79/0xf0
[  142.541022]  ? check_same_owner+0x340/0x340
12:12:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:28 executing program 3:
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246)
close(r0)
syz_mount_image$nfs(&(0x7f0000000040)='nfl\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f0000000640)="a67f353dd35f20a6ec05bac560769f9cd1a6389fe325919adde822b9eb649f5513aa31076b96adcc6798df445727d30d3cdcbf753d02340945f019510874a943ec3a9c6ddc92ccad2a7641fdfaca5414c7be03c9948c4dc8fc023e8849b23c2be23885e5610e0af9a0beed90faf0be6096d3488ca6eb2355758d3b4b80d557b21b7a5d838ac636547040060b76effbd4f573afad206fe9e6e245ddc8d69d1586f2322e284c771958656c7d47be3e80f74a1b78d8ac05c1c7f696d31e81556a897c6eb3d26766e3469b8e56cf4ca1fdef2ef8a82222580742199758725c8e4ed4dec628e46e747088a4e5e05bb8fd6a0aedd762043f127b547c2ab3eadbd67aba8e2300f9f834f1d6250efed2ab18ba9e037d091579d223280c209c56090aa3497372a16bc1d0da1e6349899e6477f4756e7bf67eaab1af61f94fb58270914dd623e8d7bdb6b0b241040f02c06039d2825192c13567f07faa6d1da565cce2b158e28046c7f823825d2e3756a4b100d748b3cdcaa6380cbd37e9c114f5887ec642a009bc3802274b629ff33ad42f20c8052cd9ed1c0396f0eb4910de245f4ea962a631753b74d5a9e25d544001044c63dbee24b5a53b4a1b2823cc3c2ddad0ad81493e75b78c13e1209aa1c0eca80bc4e1477756556fc3a0c4da230a5d551e28f7d4bf974d83eb8e38c4a95cdf98e8e8e9ce6a13a556cd24b6dcf953b102fd2186bc92f3640d10d3130d6f50510c6e4b3092b16cbdd093ce1492375c495cff4d8924ee84dfde6d014eb4733b1f1a85b1e2e686cd6693513829342a7f3af0879907581e2f1e118bd4f180258b1f40b3c626f432f47e4b9c336b82a8985264965b780186cf959488976cb027e306db6b7e83fe1a2029ed8abd604650f042085156eaf3e4d4363de5d924cfc9066c1c5c8b031f5f7efa3b36319153b8454248d964b540c946caafcf441a628a0ed8eeb3627121aafa09c8c19da6e59bdd8ab440774613730916b34543bce6105c361e9930435492cb1ba3b06857add5ec41c2ffbddf5ca4fbe01ca6171005e12f804d51f21e6b836cb7bd6cd2717da271337dae6eda1cfc925f1c6f258a225a4111ef82f46ba2356ba06aced8caaae08ed2a677f8c79f4584d423b4da6aa2e907a9eb5aef7b82cc11a738e5af1be50ce598ad695a8fa90f6b3bda04dadd0e158538375b9287debb226f308cdf501b341067f6ba6e544af52cedb33c72587a807a446a1e355ff60b9b4968b7b0a38d4c7dec107eb5f2f5a086e2fac7a821aad0ef55b9fdc7c466e9637ee8ed46d374854c76fd6a32aeebf61d35aaed7735a15579a67c1b5bb64701feaeba2e7ab13808f0dabba00c45f26771f32c4a1fccdd3c408f8a8b892a13de1a4123717c2d7efa05e5b5e5dcd14d11cbcd43ef13074ae8a91b628b05eab949c1fe760d926121e3068ecef7b3994fe1bfe18c664f2fc6bea37680e0895dfed1a2cdaa389748565f881ce19c043eaa17edf8b34bee726b6acd36dd6b58403ff59bf497c478b58ead475dc71352c43a191a9492c61e73c442ec7e81965228f9bcb4c109ffbab6d661c6883559e24f1ad2202f80049fecc06b851dd541eb0006b7b2fd8181500590d7cad743b8a8594d7beb79b66a066416c96c9872c1609c79c306193332f0dd4b290adfdc53041fe295087409bcdec7f9ffa58c2ac39027e1e07568d2dd59fade3aa7dd3dd7935d3c17979336529b2ad81b0ecb463a230b6013915e7deaab651dcd7e48e1e0767c0fe8155827fd954cf68466224141e8fb31cc0b0604748066c0902bf2f4c64045b4001470cdba27f4ec2fbcf4423168d4434aea87a22a0c34caa34857b7f7269cd108e75613edf47d58b396a6b612e058d0753390a81ca39c4857ac8f369b4ab4e53ad6b89bafd57e96bd2d94aeba31be48a6d1d70165379c163676692cef716e258c1cd1312e89dd111873b50b2ac5848486738afe58cf49cd4f3d2b94ce098a468b8bd6b15becf3ef9780b53232332a265e22235f6685eb71fc611901cc510aabe4ffe11d0d0ffff2d162413a6edae3da05053801e90dfafb09669b479818da1c0dce28a44536d47b597e12fc72368a68d860ff4ae6f5287756081f49fb2d19abe6f58b25260b55350c233746a8a5dc667366fd466ed109d142fb648c73f0d4f24f01b6f47caa21bc3936a70e507c8747b3aece9f486c60fcdc0977954e775b3cb43e17d2c2f7ea710b33d2e240223a7beb4a0bc78f1b72785e984b8b92e42e6a9c427780bb23ed84f1730e1a3b8604fea6394dc52d10f6619d4cfc8c6153819f07875e3d5094fd5ab9acf649b54c703fc85ac709c977e03c993455520f686f9c727e27d6eccb3ab49a861b96ed0f4880e27f229b2a107aa036f448c984f76d4440f3b4ea7eda4a2e5d7ae2b054f54bc75fa608e0d7c4e661b959989b1cbdf5b5fa35853da0d5ce6681263cdd32981f91cf0b4faaf54ac6ab4531c1caa4cb840554511669514b0cf1e3ee7ae1aa97a6dcb2ff28be1604577f40ec008b4ac887726ee870ba2536ca0977cf25281c9bd1b567b7d4934e76895b6317747fa1adb99edf46e5213b72447c0aa74fb1b85ad76ece12bb017d2814b8ef5314b359bd3222904472095ddc12f7df80d98d748e15fa76a246eb0022e47eb0e468d55b813a0412170708ed21fd251d928f2ef53697cc8a8f2a894a855fa1a21163ee70521d78271e6db4fe46d093d33fea67336839e4d003264379891392602abcb6e1a2f483569a1ad170a8a738cecba303fb423f131617f41a221af080a4c6a6d221c21bd8e431d7366ab5d5fed46f64c260a1427b288533de0ceaa21da3adbb0be6bddfab1da5bcab97e93a5e2cfb63f4fdcff2e32777b17def3dbc0953fdf04732b5428bdb931d36ce15f728e182276e652da28c77a7e959c71f31d36f1317bd41f7b7df838f5c19ca22f1e2d97613e6b62c1691ffdf91cb1763e99b842af14bded105bd645938e20dd35e21db279abc583524a5898d8be0da66ae55f2430c4d7d488064fc2c96c29622de1db558f2b851e2c8eeb2e1b64f744e1dda2f9427dea550734b0aa162ec8034f66ad474f3a410abcd09c233e6fdd070bf2e2c1ecb7d4c61d2d5274783e267660e05066e45f83de5a09abca46047e2660a4484cb5804577ce1469b745544ae2074a92d9b105b1f9102e332ab3ba0ae4bf16f3329c1742bd03eb5f94f5b20a9479e3da3bf44a81a2e3ec12a3f41e6bc1289715375c5e8eb6b1432d6dc622f573a6b198336ad443d7d7ca232e374f5fbb476b081791d432c5be39dc1fde48a2f9585b3faacf04a56618986ead339526390ce37139b41b8b23b316ae31549e2172355cc89ff0b9ce285aeb8bd8d174ee664529e0ddbb2e585dfa7928ef947b016a46f2524186c29e84ffee71cd0c0e4391f7d423529d794660a81a8359802f1c2b8ca28827f46df387dbf415ec6a3df1495ede6bee8284d6142ce5e4e353c43dae2679eae05ab3f0b625b48776e3384044be5bee96e43a07a78eab2b2c4ac4e69e08c27d614fa4d3bee496bd6c5fd9fca0ec117ba908981ae3d0a2a02a06039e77edec4af1e91f5dc65b50fb91f92d4a9bcd9fe676076254a0eb2955c4511b18f644a583cf678c02a2b7f2a49cbf6844a47bb10df2a08cf07585560d4091adfaad1b34b1fe63c7ee56fd60c23f5dbf074d2b32960b5b7d607360ca62ca77fd03b9eeffa3376903e88a41e58e294933820d32ca8c97a463d512510894bdbc3e664dd8d3320344a1812286c1f3a78530fd04878df383cd6ad20a02e827779e98a072b0257b8490f8ec07c9c8087c6641955ab534e5374ca24b13e3b239b97a8b1b372b6c80e58a5808285e857ecd91516aa88375ae2bb5329888bc658740e30caa6e3699a16dc26958343669d946814209c87babcbcfef2a09eaf3a530d38b27ed4c078968cae359a2c7b47cd5de89e30a9a6ac0be37a9bde56ae3bdc563c02fa3bb7c1df6dac58b30beaa96e39bd8df41899a9cf2495fbcf3d0c721a9f9f10a5a4bef1e8abef8627600a3b880b0faac82a9c40e675e15a684f2425cf5b7e158537130f57e9a45ed10545f837e66d8d3be2c40f426ff95f7caa9cd7f53444c4ea738becb0de77be84bbcec7426dc0d0bf9ada8e0fad3e787773f6c52d1c1e0282a555fb738c29862d0ea9271956b1cb4d1bd56315f3f901c2c9f2e77f96d0a97b3daa78dd4d5e10adaa5ff6f9b0b2e58e150510c3a3c13d2a602918775134892cbb1aae5c734ee43b788673e32834f36ae924259ec3ee718da004eb9b35965ad6d966af3c3c03dd2a1d5df09919b118c613c1a7377fb4fb96ddfada95029a2c781211455b108fbaa740b2f6b24a8ac006452076ab4db14dd22bf69d5b33e50bf7d4a5c080e31ee237bd877848df9c3edab366d6ac79357134646b343d296b4892470960f00407d736cd0433deefee52bf41111277b75fcaa8e0b7da557cf71f1ca02d1d4c39e8ba8aa729c721c02bc90e312e9cccdae746c6dc112f9c4c889f7a904e26aef5e9bd5ee74a02e823f80f7755597f5c2843008e631a5053c0d58206eb0ad0978c83388a67e74ac9142909c94e6a534257949c62d2bae941d47498496ca23831f8eed95052cc4853efa4435a7534fae79949fb05dca609ea5c11bffa95eb7bdee7d37c32093c85726299b0b0812db503b006278f6859818c30c262cb39c98ab59024347e1cc652c66f18b1d6014a6c271664b84233070a6bc17b5567eaaebb8c887446d015929331c44706a77e8f617d7ed5be80e6f7da8681911b139b2bfc625aaecf9db0ab389226c79cf239f414446aa0e52de508e18a1bf1e88e7603f07f241012d593892614120aec37b649fd41e135b7f796194366c0d1d06ecd231647bc600fa7d0189a3aabf750ca16d1349b9050510c820c195e67387d478a65b06800871505d45c5136c14e1165cbfb4d4090eb00e2273edc7f0ed8147c553b1a32b9161958309afd5602a5333324fab1e56f71654d4718fa6572f227e9b071a786101f7709ae03c05f9c275fdad0f8016fd7e9954524f0bc1c430b14ed5afa0b0361c1b4d1ee5e52323e165177d04a8d2e76cd4f95a8353da3faf9456cf1afa7df75fba030c9a6ea32a0b4e53f8b0f4c7e7afa01e7d5012dc8c81f1ddf0d2ecc9d805bffdcded790f4379a582ed443637b165645ac988a413a2c5240af047e4f25d4254725dfdcbb2c15dbf82eaeecaf3e3171e33ecb31e559f91d01c1dd76c9e060c36c757e0f622303ffab83d4a3cf907d2d9574120555c3a6f38998d377c139a367871f10b5ea084cb9f8bf589ddc67c8ca2ff5bdafb1ce2ee16bb192e84787294a75a70cee5f9dabd8e746abf108f519ffdcf5695f364adea120c4814ba9a7cf2ccf4c9749011d5e81697d422fcdd0c910aeda24ff5781341e2e4be4a18f8ef31073fc2c6fbad0464cd56358ae3c6298fd23868cd8a026a7d760bd1a097b861c501ea261f1892c483e53baa0eb96402971007cd7d29146445faf7b2b07ed3452f62d0b245a738f6278cf9f0cc3317da4a8eb68356063c1b6996591f85ef8f3a04bd56273ea50b053dd2941f970a566898d677a2cea477da76a43e2dc697937b37841f9d05f62a9a100c580503ef447b61f44536d5995e3b51e1247afd0052a3f4dcb45204a987c8b43e5c28ce8bc2cd988956c27f24005f935476fc3491c0077daa0c37ee3c3c3d91a1821fa8f2a28bce0420cc150551f6e7b46b569c139c55529a7ad0d049ae1412f6c3796b6e739f721395159b1a7", 0x1000, 0x1}], 0x0, &(0x7f0000000600)='\x00')

[  142.545376]  ? unwind_get_return_address+0x61/0xa0
[  142.550331]  ? rcu_note_context_switch+0x730/0x730
[  142.555282]  __should_failslab+0x124/0x180
[  142.559538]  should_failslab+0x9/0x14
[  142.563370]  __kmalloc_track_caller+0x2c4/0x760
[  142.568074]  ? save_stack+0xa9/0xd0
[  142.571747]  ? save_stack+0x43/0xd0
[  142.575383]  ? kasan_kmalloc+0xc4/0xe0
[  142.579268]  ? v9fs_mount+0x61/0x900
[  142.582979]  ? v9fs_session_init+0xdd/0x1a80
[  142.587381]  kstrdup+0x39/0x70
[  142.590561]  v9fs_session_init+0xdd/0x1a80
[  142.594788]  ? legacy_parse_monolithic+0xde/0x1e0
[  142.599626]  ? v9fs_show_options+0x7e0/0x7e0
[  142.604040]  ? lock_release+0xa30/0xa30
[  142.608013]  ? check_same_owner+0x340/0x340
[  142.612333]  ? lock_downgrade+0x8f0/0x8f0
[  142.616476]  ? kasan_unpoison_shadow+0x35/0x50
[  142.621046]  ? kasan_kmalloc+0xc4/0xe0
[  142.624948]  ? kmem_cache_alloc_trace+0x318/0x780
[  142.629783]  ? kasan_unpoison_shadow+0x35/0x50
[  142.634368]  ? kasan_kmalloc+0xc4/0xe0
[  142.638249]  v9fs_mount+0x7c/0x900
[  142.641796]  ? v9fs_drop_inode+0x150/0x150
[  142.646021]  legacy_get_tree+0x131/0x460
[  142.650074]  vfs_get_tree+0x1cb/0x5c0
[  142.653872]  do_mount+0x6f2/0x1e20
[  142.657408]  ? check_same_owner+0x340/0x340
[  142.661719]  ? lock_release+0xa30/0xa30
[  142.665692]  ? copy_mount_string+0x40/0x40
[  142.669939]  ? retint_kernel+0x10/0x10
[  142.673826]  ? copy_mount_options+0x1a1/0x380
[  142.678321]  ? __sanitizer_cov_trace_pc+0x48/0x50
[  142.683161]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  142.688708]  ? copy_mount_options+0x285/0x380
[  142.693200]  ksys_mount+0x12d/0x140
[  142.696819]  __x64_sys_mount+0xbe/0x150
[  142.700786]  do_syscall_64+0x1b9/0x820
[  142.704672]  ? finish_task_switch+0x1d3/0x870
[  142.709154]  ? syscall_return_slowpath+0x5e0/0x5e0
[  142.714086]  ? syscall_return_slowpath+0x31d/0x5e0
[  142.719008]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  142.724106]  ? __switch_to_asm+0x34/0x70
[  142.728155]  ? __switch_to_asm+0x34/0x70
[  142.732204]  ? __switch_to_asm+0x40/0x70
[  142.736257]  ? __switch_to_asm+0x34/0x70
[  142.740305]  ? __switch_to_asm+0x40/0x70
[  142.744367]  ? __switch_to_asm+0x34/0x70
[  142.748421]  ? __switch_to_asm+0x40/0x70
[  142.752473]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  142.757319]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  142.762501] RIP: 0033:0x456a09
[  142.765777] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  142.784751] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  142.792891] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  142.800151] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  142.807506] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  142.814757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  142.822044] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000009
12:12:28 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:28 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x300000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:28 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$dspn(&(0x7f00000011c0)='/dev/dsp#\x00', 0xfffffffffffffffe, 0x800000000)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000001200)={0xaa, 0x1})
read(r0, &(0x7f0000000000)=""/177, 0xb1)
ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f00000001c0)=""/4096)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000001240)="03fb80d21cd3515319d95489ddde41b0de3c511ccf0e8132d3b37467d831046144dd26f22754f733e3f89d7d8130b65b7520a9a1dd9039fbcf0e3f70207d283bfaa5b783ebdfda408b8ceee3b186da616e68b93189677e5ce777ac754e9dfaf9e55b460bb72255b2780dc6d8651843c0d903258e7e30b0d2c84280750bf2fc37c6117879b9c6f51579a1c134b7e4e927e2d3d182aabb185f697c96aac10b506031ef6c3cc197719f79d61213234dae80b8bfe8dcf8baa90e3efd2fe9006ca70c6d21d9257c4457e4ffeb5b91e5a35679326cc73df968e4e626cc28c6bf70b615b23c74f5e52295a863a4dde15f64", 0xee}, {&(0x7f0000001340)="245bc212e6d89fadb76c7d29fbd9bd31a2b0c60668f4f8a4ea78509e8cdb0449e30a8ee5501ee2093429b9224860ef44585cb7a33598ce2d3a33836cc5b5897658c40a49300f98c926c7ccfd1a00071dbae043b62998f6622174b92d722a226e96e92bf49e2a6a43ea8c9e724dd8298bc7b48e37f6a0eb5222a58445e3351371aa4d93f305d17c586b129fc755b595f1a7d151147ac7a707313dc5f7d330a6b7d9826ca5f00462b96f4e4a14249f8b658e88b1d85bc4d1fa593df852ceeb3a30ed74600923cabe98129e0808001dfa6dc92d2c6acb92176de82577b7b38d860c0052b500315f7c1ce1cec53cc9a5a6c2835783a02884fe95258da88de291412b80f81c950653fedba1af169958e2eb5fe5e67daef9a0e92cdf261e866cf6b2a4b6b38cf5037c0f54425841d33b83e08eddd52841d83a0bd3bbcd2e1ca875b61be8851554b02802d71e187bccf46e72c1da8edf198aba9f1c0ec8e185c8dbd68b7d5d22d52fc2748462b20d520cf518256a16bc47c8f07e831d3f167c508f8808c819d15e4578d3be05960d5d76e796574fd040bb48fc056051099020f70c110a1250732ea5b3c2771671aee675fb6ba05c90055784ca45ed455e32fb9bfe01f9ce47ba3a3fda21b87106b346f0c9e51f8c347f172c787c37a6d8766d2043ddd470efbcaa9a7c65e0b0689a82a9b0c54c1d79cc6fc72774f6bda2027c21b3cd899554da2e5b40e36711bb37699833f2731aec34dd2c78f378b1b3c239e60663a31fcec27668a2af27290e0f1ff313031fc590d808395a610e3f9de9267791fd13fba41322a9bd20329fe393ed8c5e8a69585d7bfb7745d1667cfbf9da30c057961d9ca1c6f2296856898bf2dc5e860c793c44648bca27675ffcb250992e103ffb2ff8fc0c66abfab2add6625fdc40d3e16480bd07f613a60df18903d313005eee1c591970cae0c52b271e06aa21ff2acbeb55069cc79b16e4eccf9f2111976a028a8885a482ee0e307ae4d080d4c48ac8ae5c7fb0da2a2c445ef64c967b033b8f6d202784e8a9d1e84945a0cb22b63584a5c10437724284971d76606eb24f679ece8a1ebc7329e0e34507b7261bac185c12462d35f32c3b3da50a0e0655d364dfe77af658a8eb110516babcc257e1732dd14b388d088010984da0c6c2ac792004727b910967b67743dd04dab3cc1e53806b7e443ba6a75245c04771757ece890a6174f3814f75217215939451bd1c203c7c9a4a9a66db56477ca8125ed3112bc32cc8396708d97ca9b73e868b1d0f9f1cd1583ad547727eb57fdbf20ad4935cbc6679d46d2ff9ebc4256d55f74185c2387dfc73a42b69fdd3f408a3cf85f88ba7290e2b355f3b207996f921ab1629bdd41946d04d9400722b6f916020105dcc53e27fbbc429ade932db6b53c27e125b8a5faedb7080ee0922f1d96697d734c147d518f0a9ea34b99a08cb5dd56a1ef0c42fd4e2a387b9172641770352251da6e7a3cd806c0f14e5ad445851fed03af3f013679223d02422b7dd8c28dc0635b5e41d8df6d3096e60c101e723707372c53e7d3feb5830dbac35e5df81fb6699a8e9d545ac9f7c8a0f6401f8b109a87042a4f7965220fa42edd326d8cd7b5821c03f0b3e11b33d160380568cc70572d630f15404d073c269e8bb47a064fd1d1a229ac1e47ae39268a41e9913c87f695efcb41ae2754cb3005f67c01f4786b8991bdfd41ec266ce93bf875fe6e501569271c7eb8d99f55dc69a1d2be69350bb5625edcc155236f98fb31f01d2f03c61e43e30d3a086b1d8cfbbdbbbde3e67c3dc0078e4791ea65046193141f884879701ffac9ddbb4b7450119a669a8ec6e6dd4207a4cb478649296e9910a12f8d816b0e65444227e5b963b5843a390efcd010bc960113beb7bcca20d6cfd7d584a933cb95aa621c468168d057d376156d5c0da1194c99cfc5f8111bff13c9d069da77ff5ba30027a9fccb7c8b56e0ffe07dd0c4f2a1fedeefa0c0b47048de29b245ccc4f918a44cb1a334eae50211d4f747f92daa36ce50e372939acc5c02154311b719a8d180520208be5ae64660a88474ef3695d290d64c4c2d57275fa557105a2d8d6977a1eb8294124da3c2f7144b81381559d8f25f5a1cfd96f525bb172b05f5b72f64507ea9aa9784433fbf4dcc4d0bda0a5aaa80db6abc394e14810d680ec85147d74581e49104e190e3ae4c7097f22a928bac81014f3657aaf9f8b5303972aa83ac01c020d6505c159236a320835e304c8d4ffe7a709806d33aff7536edf5d95290eedab6c69d6c4fe466315307e54848e7296caaf9dd0270e499437c0f4b09e4068ab3f83189937016940ef2cba4e669987b16e8ab3b2650c0ebf0dcf42d0fd6391b211bf1f2ec32590b5bfa15911b06c1f8017d588930faf38448dc2e645d158e2573d3f13d56e92a4421dbacac35a70d3c5a59cab9b49af5c181431b8909761f47b2e5e06afa8994ec7d0c9266218e1d68bd1f64044a531c9f677b78e4472a9a26098b70bb895b7f3c0af8fca82f533dbbfea7d034e96dd46c4744523cc71ba881ff5c1b60b2b540090978f190864e99b37beecddd0d579f41fe61e9cf1e995b654be6eda8d82a69532db0f59bd17754f1353fc9c1824c32b13a794ec7414d8685ab0bf77c55b2912ed5e164bdfd579a32d93fcb2830705f6caebad317e00216a274e0fb1b67690b63603a494152bebf5e10fd219012b4213611805dca0a2aabc060c05c50cf6089dfe8d0fda0c310e9e7d2dde612c9bc0a3e80052dd136c578de4e92d628d1147118e1a4e9cf8d99af4deb6bf50d3c7ab2fabe0c53ac07e8a734d6472547350b8bf5b1ff13e07bab74fe2753a6a4db3367be9eb2c9676f4a225a2a60444ef95c64f186bf64a69e7df8fb198c2f1b77d56d947f1ca00650f0e39fbe07663b1b2fde7cf0bc2388d2a9ac8ece3b796298125a972953a67ef9fdf075461ff11b80d04eb39d8f99ff18f79baabf58e484ae0dd5708e33a6accb45d7c3aaefc74e14c20b708d878518d1abe8076105c830ba6a33ae96e4b9c5f5d4ad1c277a44acc9142eabed46bcfdba7bbe97b3b41752b65151b09399acf3c4fec07f8ee75d7db5a4eac466a4ee9e16977a9a4ad16853340a500f06c6c6c70353ffb49ea96b4262be124b9197fa661a2deed589386fd8a9b5adb484e0efe3b3942453462cf5888d431ec1ed79b13a05a053be1d71824b97f5e78cd2a61c13b6b4c6960a195692d7344ec3a8a453e46e213233d772f98549fcd0adcdb523b1bc1ca36cdf0ab98604a2299f602bc8d5ad5e2d3de988b11ac610f16fc00c353d0ef1e16f64bea673fc2cfec7a3cbc9c80d1766bd94ba144b6e9d6fb62f0673d129b31d953620046de01d39e0697adbc60008f1c67b8b14a0bbe92e42c4efb45c348a2de7638c767ae5fa734d17888530149f98290ae54741f458662d0dc705cb9705d0fa8e916cff7d1fb48f7199358e7b29fff5af48a8efc9e866154da57c3fdb9d2d15a6424dce15c52935e07b74c42ead96d8f459c1abc2c22ac10664afea7830c063c68453c731a5290deede2242a262e2355067cd083cae8930424b43cb54b160c48e79d251bc21d5c05dc056df24a09ca963e02c204ed162dec8c6859aa9e70f80c6bdabca99bb05b242a774a15b5b6a8ed8c417f5f0c7acd79bb3c7c0be548303850ecff6265206b35ed3ecb0e883e018c30b5371b753eb8d8a6d2329122f71811de8f91d97c38ee66593ad025f12ae2711554b8c334da1a8fd19712cc6e398bfddd1b62fd09a662efee87896f5e108fc22dcef0e8d40919c90be078f3e0504ee48fbf0c812430c03aca7c62ec332b0805363160afd529032b31845f0c442fd9ae57696cda1c558e39cc2be5ddbb3a48e2b6e7308285973b01a9a317a98dbc9be4338f69acfe16e1817b3626a5636d87417ddd70a289365cc979bc1f73162e2711cadd572bd2772efd530d95a52cf4bab95f6dd165c0c20dc9714975a3324652b42df328ede612cf466c33cafb898cc88b936864580377f9a93329b38357fbea0bbce5ca5490f899a515ceddd611212a085075a67fc1dded9597af7a365af29fa22199e2ab5f6178431ee41915a44634904176e430a68715c9b9945692ef28f7d31dadb402e6ced01d4b5ef2e8af42182389efc8c30d1fa262b34158788e7407daac940eb3b7c1835685a86049694b2a9985d375f6581f93b0a2088efd1e0d7f6b057c10628273309bd9eee45f9c6196925fa2742a6d0082dc3511ef2d809ab080aa1e96902ab968b489fca460a20f4c4a38a8afae3260e7bef2d8ef9703721571584dd4429ed22e755dd2a4d21216891c9c58d9f5b233cc0955160b4e77fe4e1ede3b4e2eb854211480bd8c5f7d9fd6985048af540f922235916ada4d088fc830d1cfdc7faa9455e78c5754d9b27a50f0878d69943c23fdbe59518428ed1d6a12a57690689c1ee3ca9a05a2c5402489dda5e39ed0c18d4e05ab778fb7859d539f6afd1f7fe002ab404103aa0b48981584149d0dc07db3488c59c86ad731e07a691088512de4785590a17e4fe0b69000378fe4af84f1709a2a28b8398241825d082917adf22f4686eceb722d8028017f95c0be40443c9d030132ecbb5399275e74adc2a07dd1cff07064be814d3e0f5cdd4f9b066a994482749401ef85b1f0f3db09452ad3dff29bb13a54c423c30c784ca3b8fcaa6ca1fd60f9bcdee801ecc4e0850832f64b406d98343bf3c788c0e105060ebed3c5f456cab89867191b18840a28b9f4ae6bf0139e6cb7103ebb90d1460d427266b6075ecfa3accb6a08da8c1acedeb93b0c6b2150cceef6b11da8d7c97f77db512aa9e7551410a9d50c93d9b7d1ced184e291d3ba38767319434e28e608ce5623f6daabdf6af587010732a3d269def19db916595d5a379f7cf85ce8cbdeb707120bd20eec401cb5aad2553322d1728f0fe56ab3b80f41cddec975129e7f0d47537944103f8142051da81fd49c4274c026130dba4e6024d46a96b14be7637586ad9d7431a3b2bc3610c145ea08725d4ebe2b1d9a081cf44b59d1db8979af7f3b82f373a33dbac952e33042787dc8b31a7f1d9c3cd64ede1c7a49987e2483fa339ff6cd1da2aa2468746138408b239c9ee88c2da8dfc75df909296762bcb3d768260f52ae05775b4e13b1d0012993e2841038e47cbba2477ede8191f62972a8d46b6ed8747766d73d6eb06bc7b505cda594a54bbe6813a06f2675e32b29ff8122e11605c6642513c47ba80c7ffab6e54d01b74cc13837bece397c57232b60d3732ec1b6d4b2aede5f8d99626e8e416f1fa430ef9da9f2e2e2f5cf5c33d8066f42509c346f5e309ef9537b1c157c9c9e8c2856258552432b4d4db6bda3e93a50353ed95b991417cbfc064a101a5b70b4a36b26f204d322029ceda0c27d79ed22e1402ec547c2c156778cdb2fe4b3905d716bc97a5f8fb0e7497ae4afd7383b08f8571d209e6fc20931b5a2a80c2ce62378056ee73e81602c71a783bd1690262a07382d0fa13ce1b7e3aafa1c436c02ddab4819ab04e95a3c7f1220291ca5e28f8cf1b236447677803080ca45717c32a59e1facdc71a9b25a9ec52e9171cec4c4a16a88fb1677007aba8b3ff9ed53e3f32f8dd12aa3321c35517f0b7a528d3c284c0408161c65e40229d6130972f209190e7f99e307a0a1a58f7c35712cee051dc14a4d1844b1b99bb8ee88a81305a6d7f324e170eea8d5a3b73ca2a4021e4bf3c282020104f047ca2c558059900dc82beeef5432b8f44bb647f56332", 0x1000}, {&(0x7f0000000180)}, {&(0x7f0000002340)="c7ae3d34df44f0d8ad6f43d3e44eeb7c31c7aae27e57048f344002edcd63c0d7b1ebafdab9e0d1b505f19ab84c1aadfc2e0b65d76fff949774c866ed906fa16dd11579a08bf03e973c32ed6dc689ee75e93355c718be302d10b4868396f3ec3d5f9fbbbde8beb2ac1faf5498a7e558fd0faa8eee0d935494", 0x78}], 0x4, 0x2)

12:12:28 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:28 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x30, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xe2c6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000e9f81a63a76c8cc5315c38eeb53574cc0bd98f2db96f38732bd72c266e0a0f4cfb92a9cba5fc3413c4ad3646fc85236d6d149e552b4d6d9d902411e066e77b522486b371d5d37fec8a85a38151d95c"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r1 = dup3(r0, r0, 0x80000)
recvfrom$inet6(r1, &(0x7f0000000040)=""/255, 0xff, 0x40000000, &(0x7f0000000200)={0xa, 0x4e20, 0x24c5, @dev={0xfe, 0x80, [], 0x1a}, 0x40}, 0x1c)

12:12:28 executing program 6 (fault-call:6 fault-nth:10):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000200)={0x70003})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4080aea2, &(0x7f0000000000))

[  142.989383] FAULT_INJECTION: forcing a failure.
[  142.989383] name failslab, interval 1, probability 0, space 0, times 0
[  143.000707] CPU: 0 PID: 8814 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  143.009229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.018582] Call Trace:
[  143.021168]  dump_stack+0x1c9/0x2b4
[  143.024784]  ? dump_stack_print_info.cold.2+0x52/0x52
[  143.029972]  ? __kernel_text_address+0xd/0x40
[  143.034462]  ? unwind_get_return_address+0x61/0xa0
[  143.039383]  should_fail.cold.4+0xa/0x11
[  143.043432]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  143.048528]  ? save_stack+0xa9/0xd0
[  143.052227]  ? save_stack+0x43/0xd0
[  143.055838]  ? kasan_kmalloc+0xc4/0xe0
[  143.059715]  ? __kmalloc_track_caller+0x14a/0x760
[  143.064542]  ? kstrdup+0x39/0x70
[  143.067897]  ? v9fs_session_init+0xdd/0x1a80
[  143.072293]  ? v9fs_mount+0x7c/0x900
[  143.076003]  ? vfs_get_tree+0x1cb/0x5c0
[  143.079963]  ? do_mount+0x6f2/0x1e20
[  143.083670]  ? ksys_mount+0x12d/0x140
[  143.087455]  ? __x64_sys_mount+0xbe/0x150
[  143.091600]  ? do_syscall_64+0x1b9/0x820
[  143.095653]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  143.101007]  ? lock_release+0xa30/0xa30
[  143.104966]  ? kasan_check_read+0x11/0x20
[  143.109098]  ? rcu_is_watching+0x8c/0x150
[  143.113233]  ? lock_acquire+0x1e4/0x540
[  143.117197]  ? fs_reclaim_acquire+0x20/0x20
[  143.121506]  ? lock_downgrade+0x8f0/0x8f0
[  143.125644]  ? kernel_text_address+0x79/0xf0
[  143.130038]  ? check_same_owner+0x340/0x340
[  143.134343]  ? unwind_get_return_address+0x61/0xa0
[  143.139260]  ? rcu_note_context_switch+0x730/0x730
[  143.144192]  __should_failslab+0x124/0x180
[  143.148417]  should_failslab+0x9/0x14
[  143.152216]  __kmalloc_track_caller+0x2c4/0x760
[  143.156871]  ? save_stack+0xa9/0xd0
[  143.160491]  ? save_stack+0x43/0xd0
[  143.164112]  ? kasan_kmalloc+0xc4/0xe0
[  143.167986]  ? v9fs_session_init+0x115/0x1a80
[  143.172468]  kstrdup+0x39/0x70
[  143.175659]  v9fs_session_init+0x115/0x1a80
[  143.179966]  ? rcu_note_context_switch+0x730/0x730
[  143.184886]  ? legacy_parse_monolithic+0xde/0x1e0
[  143.189716]  ? v9fs_show_options+0x7e0/0x7e0
[  143.194114]  ? lock_release+0xa30/0xa30
[  143.198077]  ? check_same_owner+0x340/0x340
[  143.202381]  ? lock_downgrade+0x8f0/0x8f0
[  143.206515]  ? kasan_unpoison_shadow+0x35/0x50
[  143.211081]  ? kasan_kmalloc+0xc4/0xe0
[  143.214956]  ? kmem_cache_alloc_trace+0x318/0x780
[  143.219804]  ? kasan_unpoison_shadow+0x35/0x50
[  143.224373]  ? kasan_kmalloc+0xc4/0xe0
[  143.228250]  v9fs_mount+0x7c/0x900
[  143.231784]  ? v9fs_drop_inode+0x150/0x150
[  143.236011]  legacy_get_tree+0x131/0x460
[  143.240062]  vfs_get_tree+0x1cb/0x5c0
[  143.243860]  do_mount+0x6f2/0x1e20
[  143.247391]  ? do_raw_spin_unlock+0xa7/0x2f0
[  143.251787]  ? copy_mount_string+0x40/0x40
[  143.256009]  ? retint_kernel+0x10/0x10
[  143.259895]  ? copy_mount_options+0x1a1/0x380
[  143.264377]  ? __sanitizer_cov_trace_pc+0x3f/0x50
[  143.269213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  143.274751]  ? copy_mount_options+0x285/0x380
[  143.279243]  ksys_mount+0x12d/0x140
[  143.282867]  __x64_sys_mount+0xbe/0x150
[  143.286831]  do_syscall_64+0x1b9/0x820
[  143.290707]  ? finish_task_switch+0x1d3/0x870
[  143.295189]  ? syscall_return_slowpath+0x5e0/0x5e0
[  143.300105]  ? syscall_return_slowpath+0x31d/0x5e0
[  143.305016]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  143.310032]  ? __switch_to_asm+0x34/0x70
[  143.314080]  ? __switch_to_asm+0x34/0x70
[  143.318126]  ? __switch_to_asm+0x40/0x70
[  143.322174]  ? __switch_to_asm+0x34/0x70
[  143.326217]  ? __switch_to_asm+0x40/0x70
[  143.330265]  ? __switch_to_asm+0x34/0x70
[  143.334320]  ? __switch_to_asm+0x40/0x70
[  143.338369]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  143.343206]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  143.348400] RIP: 0033:0x456a09
[  143.351591] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  143.370652] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  143.378350] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
12:12:29 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x10, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:29 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2800, 0x0)
accept4$inet(r1, &(0x7f0000000300)={0x2, 0x0, @local}, &(0x7f0000000340)=0x358, 0x80000)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$IOC_PR_REGISTER(r2, 0x401870c8, &(0x7f00000000c0)={0xffffffffffff8001, 0x4eb})
ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000280)={0x9, {0x2, 0x4e20, @loopback}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e23, @loopback}, 0x100, 0x8, 0x1000, 0x9, 0x8, &(0x7f0000000240)='sit0\x00', 0x77b, 0x1f, 0x6})
mlockall(0x2)
msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=r0], 0x1, 0xfffffffffffffffe, 0xa4a3ad41a879dde0)

[  143.385700] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  143.392964] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  143.400215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  143.407469] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000a
12:12:29 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xe8030000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:29 executing program 6 (fault-call:6 fault-nth:11):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:29 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:29 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:29 executing program 1:
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x4, 0x800)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000180))
r1 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x29, 0x7, 0x0)
read(r1, &(0x7f0000000000)=""/177, 0xb1)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={<r2=>0x0, 0x27, "d2cd7ccc76aceabe2dcdcefb1940aef5fde2b05c186a6a024d000710352cfd0c1f03bbaf3da286"}, &(0x7f0000000240)=0x2f)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000280)={r2}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000001c0)=0x800, 0x4)

12:12:29 executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xf, 0x3, &(0x7f0000c91000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0xf, 0x57}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x99, &(0x7f0000000180)=""/153}, 0x48)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={0xffffffffffffffff, r0, 0x6}, 0x10)

[  143.579352] FAULT_INJECTION: forcing a failure.
[  143.579352] name failslab, interval 1, probability 0, space 0, times 0
[  143.590688] CPU: 1 PID: 8852 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  143.599089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  143.608463] Call Trace:
[  143.611064]  dump_stack+0x1c9/0x2b4
[  143.614699]  ? dump_stack_print_info.cold.2+0x52/0x52
[  143.619888]  ? __kernel_text_address+0xd/0x40
[  143.624392]  ? unwind_get_return_address+0x61/0xa0
[  143.629321]  should_fail.cold.4+0xa/0x11
[  143.633373]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  143.638460]  ? save_stack+0xa9/0xd0
[  143.642072]  ? save_stack+0x43/0xd0
[  143.645684]  ? kasan_kmalloc+0xc4/0xe0
[  143.649555]  ? __kmalloc_track_caller+0x14a/0x760
[  143.654378]  ? kstrdup+0x39/0x70
[  143.657731]  ? v9fs_session_init+0xdd/0x1a80
[  143.662127]  ? v9fs_mount+0x7c/0x900
[  143.665827]  ? vfs_get_tree+0x1cb/0x5c0
[  143.669787]  ? do_mount+0x6f2/0x1e20
[  143.673483]  ? ksys_mount+0x12d/0x140
[  143.677272]  ? __x64_sys_mount+0xbe/0x150
[  143.681423]  ? do_syscall_64+0x1b9/0x820
[  143.685478]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  143.690838]  ? lock_release+0xa30/0xa30
[  143.694801]  ? kasan_check_read+0x11/0x20
[  143.698954]  ? rcu_is_watching+0x8c/0x150
[  143.703089]  ? lock_acquire+0x1e4/0x540
[  143.707050]  ? fs_reclaim_acquire+0x20/0x20
[  143.711358]  ? lock_downgrade+0x8f0/0x8f0
[  143.715509]  ? kernel_text_address+0x79/0xf0
[  143.719901]  ? check_same_owner+0x340/0x340
[  143.724205]  ? unwind_get_return_address+0x61/0xa0
[  143.729119]  ? rcu_note_context_switch+0x730/0x730
[  143.734034]  __should_failslab+0x124/0x180
[  143.738255]  should_failslab+0x9/0x14
[  143.742040]  __kmalloc_track_caller+0x2c4/0x760
[  143.746689]  ? save_stack+0xa9/0xd0
[  143.750300]  ? save_stack+0x43/0xd0
[  143.753913]  ? kasan_kmalloc+0xc4/0xe0
[  143.757786]  ? v9fs_session_init+0x115/0x1a80
[  143.762268]  kstrdup+0x39/0x70
[  143.765451]  v9fs_session_init+0x115/0x1a80
[  143.769780]  ? rcu_note_context_switch+0x730/0x730
[  143.774694]  ? legacy_parse_monolithic+0xde/0x1e0
[  143.779523]  ? v9fs_show_options+0x7e0/0x7e0
[  143.783920]  ? lock_release+0xa30/0xa30
[  143.787880]  ? lock_downgrade+0x8f0/0x8f0
[  143.792025]  ? check_same_owner+0x340/0x340
[  143.796334]  ? kasan_unpoison_shadow+0x35/0x50
[  143.800900]  ? kasan_kmalloc+0xc4/0xe0
[  143.804774]  ? kmem_cache_alloc_trace+0x318/0x780
[  143.809604]  ? kasan_unpoison_shadow+0x35/0x50
[  143.814178]  ? kasan_kmalloc+0xc4/0xe0
[  143.818055]  v9fs_mount+0x7c/0x900
[  143.821578]  ? v9fs_drop_inode+0x150/0x150
[  143.825798]  legacy_get_tree+0x131/0x460
[  143.829844]  vfs_get_tree+0x1cb/0x5c0
[  143.833634]  do_mount+0x6f2/0x1e20
[  143.837160]  ? do_raw_spin_unlock+0xa7/0x2f0
[  143.841557]  ? copy_mount_string+0x40/0x40
[  143.845778]  ? kasan_kmalloc+0xc4/0xe0
[  143.849651]  ? kmem_cache_alloc_trace+0x318/0x780
[  143.854484]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  143.860008]  ? copy_mount_options+0x285/0x380
[  143.864486]  ksys_mount+0x12d/0x140
[  143.868101]  __x64_sys_mount+0xbe/0x150
[  143.872061]  do_syscall_64+0x1b9/0x820
[  143.875931]  ? finish_task_switch+0x1d3/0x870
[  143.880412]  ? syscall_return_slowpath+0x5e0/0x5e0
[  143.885330]  ? syscall_return_slowpath+0x31d/0x5e0
[  143.890255]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  143.895268]  ? __switch_to_asm+0x34/0x70
[  143.899316]  ? __switch_to_asm+0x34/0x70
[  143.903361]  ? __switch_to_asm+0x40/0x70
[  143.907406]  ? __switch_to_asm+0x34/0x70
[  143.911451]  ? __switch_to_asm+0x40/0x70
[  143.915497]  ? __switch_to_asm+0x34/0x70
[  143.919548]  ? __switch_to_asm+0x40/0x70
[  143.923593]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  143.928420]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  143.933596] RIP: 0033:0x456a09
[  143.936782] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  143.955672] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  143.963391] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  143.970647] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
12:12:29 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:29 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000f3210000000000000000009c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b47f4418427a0112202f8997ac3b144574d2007121781b6dec51452d99805259322cbb837f04c289c8b80722255407aefc958dbbe1437f34ed554ddd772fc056f3ae00dd682cfee3aa2a50284c185d01b3dd1a58372d847dd29408a534555fdb85f8af20f6ada79bcb1fde7f8c8024d50223b645cddad9d925ac100e3b0ff1330e3a1e413685b76a2372ff6d0c39679f68c3c8f792f1044a181c6d1119d508f24a60b9d96783f7b9370a58277782a8ee53798c258bd633823dfa1b3a5c5e13dc2fdeb1f590e5ccf0d77f859527582041ed933c6632e50d1e517f82b85820c484342dc12604afe35b83f3273feb67a44958d7fc96c6e200000000000000000000000000000000"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r0 = request_key(&(0x7f0000000040)='rxrpc\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000000c0)=')\x00', 0xfffffffffffffffc)
keyctl$clear(0x7, r0)

12:12:29 executing program 0:
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(0xffffffffffffffff, &(0x7f0000000040), 0x10000000000000a6, 0x0)

[  143.978506] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  143.985757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  143.993009] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000b
12:12:29 executing program 1:
r0 = perf_event_open(&(0x7f0000000180)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x800, 0x0)
write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000080)={0x18, 0x1, 0x0, {0x7f}}, 0x18)
read(r0, &(0x7f0000000200)=""/177, 0xfffffffffffffed1)

12:12:29 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfffd8339, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:30 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x1ff, 0x20000)
setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000200)=0x3, 0x2)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000006b4756eadcdf93b8d04ffc000000000000000000000000000000000000000000000000000000000000000000000000"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r1 = socket$inet6(0xa, 0x1000000000002, 0x0)
exit_group(0x8001)
ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070")
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f000001bfc8)={&(0x7f00000000c0), 0xc, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000dc42000108000000000000000000000000", @ANYRES32=0x0, @ANYRES32=r2], 0x3}}, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x10000, 0x0)
r4 = getpgrp(0xffffffffffffffff)
write$FUSE_LK(r3, &(0x7f0000000080)={0x28, 0x0, 0x2, {{0x1, 0x799f, 0x3, r4}}}, 0x28)

12:12:30 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
r1 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x3, 0x4000)
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000180)={0x3f, 0x0, 0x40, 0x100000001, 0x1, 0x0, 0x2, 0x8000, 0xab3, 0x6135})
r2 = accept4(r1, &(0x7f0000000280)=@can, &(0x7f0000000300)=0x80, 0x80000)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000480)={<r3=>0x0}, &(0x7f00000004c0)=0xc)
ptrace$getenv(0x4201, r3, 0x7fff, &(0x7f0000000500))
getpeername(r1, &(0x7f00000001c0)=@ethernet, &(0x7f0000000240)=0x80)
getsockopt$IP6T_SO_GET_ENTRIES(r2, 0x29, 0x41, &(0x7f0000000340)={'raw\x00', 0xbc, "f392adca860c6228795285c0c63c2a7d6a0fe28c976ddfc15625df7b52c2b252af3eeac21652ad3a84545f36b55dc4cf0209152573c739748415404b6ab159d2903b1ff3383d118601f1b57a5c78ebf3152ce7c26385a04ac7b1d9b9d330dd985ffa77f48e6849e8bcdab1cef7ff01485903d3fc1e4fabeec1bcab477ddf1c5cba043b2bf268114eb08bb29317beea05e454071b89778571b0c0849eedbaa8a5f0a156f89deba66c2b029729faf6de7650f1d3a21d3776bdd201d352"}, &(0x7f0000000440)=0xe0)

12:12:30 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x33, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:30 executing program 2:
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:30 executing program 6 (fault-call:6 fault-nth:12):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:30 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x101002, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000180)={0x2b, @local, 0x4, 0x1, 'ovf\x00', 0x10, 0x5, 0x74}, 0x2c)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:30 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:30 executing program 3:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x4001)

12:12:30 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xffffff7f00000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:30 executing program 4:
r0 = msgget(0x3, 0x10)
msgrcv(r0, &(0x7f0000000040)={0x0, ""/74}, 0x52, 0x1, 0x2000)
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

[  144.302119] FAULT_INJECTION: forcing a failure.
[  144.302119] name failslab, interval 1, probability 0, space 0, times 0
[  144.313408] CPU: 1 PID: 8920 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  144.321815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  144.331168] Call Trace:
[  144.333781]  dump_stack+0x1c9/0x2b4
[  144.337421]  ? dump_stack_print_info.cold.2+0x52/0x52
[  144.342610]  ? kernel_text_address+0x79/0xf0
[  144.347012]  ? __kernel_text_address+0xd/0x40
[  144.351502]  should_fail.cold.4+0xa/0x11
[  144.355557]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  144.360650]  ? save_stack+0xa9/0xd0
[  144.364265]  ? save_stack+0x43/0xd0
[  144.367877]  ? kasan_kmalloc+0xc4/0xe0
[  144.371756]  ? kmem_cache_alloc_trace+0x152/0x780
[  144.376591]  ? v9fs_session_init+0x21a/0x1a80
[  144.381074]  ? v9fs_mount+0x7c/0x900
[  144.384778]  ? legacy_get_tree+0x131/0x460
[  144.389009]  ? vfs_get_tree+0x1cb/0x5c0
[  144.392972]  ? do_mount+0x6f2/0x1e20
[  144.396680]  ? ksys_mount+0x12d/0x140
[  144.400473]  ? __x64_sys_mount+0xbe/0x150
[  144.404611]  ? do_syscall_64+0x1b9/0x820
[  144.408676]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  144.414043]  ? lock_release+0xa30/0xa30
[  144.418018]  ? kasan_check_read+0x11/0x20
[  144.422157]  ? rcu_is_watching+0x8c/0x150
[  144.426299]  ? lock_acquire+0x1e4/0x540
[  144.430276]  ? fs_reclaim_acquire+0x20/0x20
[  144.434589]  ? lock_downgrade+0x8f0/0x8f0
[  144.438733]  ? check_same_owner+0x340/0x340
[  144.443044]  ? check_same_owner+0x340/0x340
[  144.447355]  ? rcu_note_context_switch+0x730/0x730
[  144.452282]  __should_failslab+0x124/0x180
[  144.456507]  should_failslab+0x9/0x14
[  144.460302]  kmem_cache_alloc_trace+0x2cb/0x780
[  144.464979]  ? __lockdep_init_map+0x105/0x590
[  144.469473]  ? kmem_cache_alloc_trace+0x318/0x780
[  144.474309]  ? lockdep_init_map+0x9/0x10
[  144.478366]  p9_idpool_create+0x42/0x120
[  144.482424]  p9_client_create+0x276/0x1587
[  144.486659]  ? p9_client_read+0xc70/0xc70
[  144.490812]  ? lock_acquire+0x1e4/0x540
[  144.495459]  ? fs_reclaim_acquire+0x20/0x20
[  144.499773]  ? lock_downgrade+0x8f0/0x8f0
[  144.503910]  ? lock_release+0xa30/0xa30
[  144.507872]  ? kernel_text_address+0x79/0xf0
[  144.512270]  ? __lockdep_init_map+0x105/0x590
[  144.516757]  ? lockdep_init_map+0x9/0x10
[  144.520806]  ? kasan_check_write+0x14/0x20
[  144.525033]  ? __init_rwsem+0x1cc/0x2a0
[  144.528996]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  144.534004]  ? __kmalloc_track_caller+0x311/0x760
[  144.538831]  ? save_stack+0xa9/0xd0
[  144.542446]  ? save_stack+0x43/0xd0
[  144.546067]  ? kasan_kmalloc+0xc4/0xe0
[  144.549943]  ? memcpy+0x45/0x50
[  144.553225]  v9fs_session_init+0x21a/0x1a80
[  144.557538]  ? rcu_note_context_switch+0x730/0x730
[  144.562466]  ? legacy_parse_monolithic+0xde/0x1e0
[  144.567307]  ? v9fs_show_options+0x7e0/0x7e0
[  144.571720]  ? lock_release+0xa30/0xa30
[  144.575689]  ? check_same_owner+0x340/0x340
[  144.580004]  ? lock_downgrade+0x8f0/0x8f0
[  144.584155]  ? kasan_unpoison_shadow+0x35/0x50
[  144.588723]  ? kasan_kmalloc+0xc4/0xe0
[  144.592606]  ? kmem_cache_alloc_trace+0x318/0x780
[  144.597448]  ? kasan_unpoison_shadow+0x35/0x50
[  144.602018]  ? kasan_kmalloc+0xc4/0xe0
[  144.605902]  v9fs_mount+0x7c/0x900
[  144.609440]  ? v9fs_drop_inode+0x150/0x150
[  144.613670]  legacy_get_tree+0x131/0x460
[  144.617731]  vfs_get_tree+0x1cb/0x5c0
[  144.621523]  do_mount+0x6f2/0x1e20
[  144.625058]  ? check_same_owner+0x340/0x340
[  144.629462]  ? lock_release+0xa30/0xa30
[  144.633432]  ? copy_mount_string+0x40/0x40
[  144.637756]  ? kasan_kmalloc+0xc4/0xe0
[  144.641703]  ? kmem_cache_alloc_trace+0x318/0x780
[  144.646548]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  144.652073]  ? _copy_from_user+0xdf/0x150
[  144.656213]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  144.661740]  ? copy_mount_options+0x285/0x380
[  144.666235]  ksys_mount+0x12d/0x140
[  144.669858]  __x64_sys_mount+0xbe/0x150
[  144.673824]  do_syscall_64+0x1b9/0x820
[  144.677704]  ? finish_task_switch+0x1d3/0x870
[  144.682190]  ? syscall_return_slowpath+0x5e0/0x5e0
[  144.687111]  ? syscall_return_slowpath+0x31d/0x5e0
[  144.692029]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  144.697030]  ? __switch_to_asm+0x34/0x70
[  144.701079]  ? __switch_to_asm+0x34/0x70
[  144.705130]  ? __switch_to_asm+0x40/0x70
[  144.709177]  ? __switch_to_asm+0x34/0x70
[  144.713225]  ? __switch_to_asm+0x40/0x70
[  144.717285]  ? __switch_to_asm+0x34/0x70
[  144.721331]  ? __switch_to_asm+0x40/0x70
[  144.725384]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  144.730227]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  144.735404] RIP: 0033:0x456a09
12:12:30 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockname(r0, &(0x7f00000000c0)=@l2, &(0x7f0000000140)=0x80)

12:12:30 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:30 executing program 5:
r0 = socket$inet6(0xa, 0x3, 0x6)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x7, &(0x7f0000000300)={@local}, &(0x7f0000000340)=0x20)

[  144.738599] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  144.757486] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  144.765201] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  144.772978] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  144.780244] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  144.787504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  144.794769] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000c
12:12:30 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r0, 0x4, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:30 executing program 5:
io_setup(0x800000100004, &(0x7f0000001880))

12:12:30 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x400000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:30 executing program 1:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x410800, 0x0)
ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f00000002c0)={0x2000000000000000, 0x1, 0x7fffffff, 0x1, 0x3})
r1 = syz_genetlink_get_family_id$team(&(0x7f0000000340)='team\x00')
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000400)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@local}, 0x0, @in=@dev}}, &(0x7f0000000500)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000840)={'team0\x00', <r3=>0x0})
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000940)={@loopback, @broadcast, <r4=>0x0}, &(0x7f0000000980)=0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000009c0)={'bcsf0\x00', <r5=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000a00)={'vcan0\x00', <r6=>0x0})
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000a40)={@dev, @local, <r7=>0x0}, &(0x7f0000000a80)=0xc)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000ac0)={<r8=>0x0, @remote}, &(0x7f0000000b00)=0xc)
getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000b80)={@multicast1, @multicast1, <r9=>0x0}, &(0x7f0000000bc0)=0xc)
accept$packet(r0, &(0x7f0000000c80)={0x11, 0x0, <r10=>0x0}, &(0x7f0000000cc0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000d00)={{{@in=@remote, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6}, 0x0, @in=@loopback}}, &(0x7f0000000e00)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000e40)={'vcan0\x00', <r12=>0x0})
getsockname$packet(r0, &(0x7f0000004180)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000041c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004200)={'team0\x00', <r14=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000004300)={{{@in6=@ipv4={[], [], @multicast2}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000004400)=0xe8)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000004440)={@rand_addr, @broadcast, <r16=>0x0}, &(0x7f0000004480)=0xc)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000044c0)={'veth1_to_team\x00', <r17=>0x0})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000004500)={<r18=>0x0, @dev, @loopback}, &(0x7f0000004540)=0xc)
getpeername(r0, &(0x7f0000004640)=@hci={0x1f, <r19=>0x0}, &(0x7f00000046c0)=0x80)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', <r20=>0x0})
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000004740)={<r21=>0x0, @multicast1}, &(0x7f0000004780)=0xc)
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004e40)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000004e00)={&(0x7f00000047c0)={0x634, r1, 0x200, 0x70bd27, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x12c, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r5}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0xc4, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0xaed}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x1c, 0x4, [{0xff, 0x6, 0x81, 0x2}, {0x8, 0xfffffffffffffff9, 0x7, 0x8}, {0x80, 0xbe, 0x0, 0x3}]}}}]}}, {{0x8, 0x1, r9}, {0xec, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x100000000}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x8001}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r10}}}]}}, {{0x8, 0x1, r11}, {0x1f0, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r12}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x80000000}}, {0x8, 0x6, r14}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r15}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0xfff}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r17}}}]}}, {{0x8, 0x1, r18}, {0x12c, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x959}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r19}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r20}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r21}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x10, 0x4, 'roundrobin\x00'}}}]}}]}, 0x634}, 0x1, 0x0, 0x0, 0x50}, 0x20000041)
getsockopt$inet_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000180)=""/241, &(0x7f0000000280)=0xf1)
r22 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r22, &(0x7f0000000000)=""/177, 0xb1)

12:12:30 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
tee(r0, r0, 0x3, 0x8)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:30 executing program 6 (fault-call:6 fault-nth:13):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:30 executing program 5:
socket$alg(0x26, 0x5, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'veth0_to_bridge\x00', &(0x7f0000000000)=@ethtool_coalesce={0x3e}})
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000140)={@multicast1, @multicast2}, 0x8)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket(0x2, 0x803, 0x1)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10)
connect$inet(r1, &(0x7f0000390000)={0x2, 0x0, @multicast2}, 0x10)
r2 = open(&(0x7f0000074000)='./file0\x00', 0x141046, 0x0)
ftruncate(r2, 0x8007ffc)
sendfile(r1, r2, 0x0, 0x72439a6b)

12:12:30 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:30 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r0, 0x4, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:30 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xe00, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:30 executing program 1:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/dsp\x00', 0x1, 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000500)={0x35c1, 0x1, 0x7})
r1 = syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0x8, 0x40800)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f0000000200))
r2 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x0, 0x0)
ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f0000000340)={0x3, 0x1ff})
ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000180)={0x4, <r4=>0xffffffffffffff9c})
read(r2, &(0x7f0000000000)=""/177, 0xb1)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r1, 0xc0105303, &(0x7f0000000240)={0x5, 0x6, 0x3})
setsockopt$inet6_group_source_req(r1, 0x29, 0x2f, &(0x7f0000000380)={0x0, {{0xa, 0x4e24, 0x2, @ipv4={[], [], @multicast1}, 0x3}}, {{0xa, 0x4e21, 0x6, @ipv4={[], [], @remote}, 0x7f}}}, 0x108)
r5 = timerfd_create(0x6, 0x800)
ppoll(&(0x7f0000000280)=[{r4, 0x40}, {r3}, {r4, 0x1010}, {r5, 0x4}, {r2, 0x4000}, {r2, 0x80}, {r2, 0x80}, {r4, 0x40}], 0x8, &(0x7f00000002c0)={0x0, 0x1c9c380}, &(0x7f0000000300)={0x9ff9}, 0x8)

12:12:30 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x400000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000040)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a8795de0)

12:12:30 executing program 3:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)={0x8}, 0x0)

12:12:31 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:31 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000002b2d955d8938e90322fed6f47c484c4ec85d75efc19700000000000000000000000000000000000000000000000000000000000000000000000000bf5034a760cbf3b7000000000000000000000000000000000018c55de684c7d8eb4bc513ce7de0ee09e8b5eeb47fc9e0aaee1a7890947edde02925d2887f32dd67eb85a35f7740eee7a424d3eb0a3071087d8ca96765c819ca1d65708b5b10ce331c9a0f5ec57619f0f9f7ead5fa5da8a63cf91d024dcba4d5487a1ba32a13f74d4de2e42469a3eac69e9f4f9f24f13e"], 0x57, 0x0, 0xa4a3ad41a879dde0)

[  145.080813] FAULT_INJECTION: forcing a failure.
[  145.080813] name failslab, interval 1, probability 0, space 0, times 0
[  145.092051] CPU: 0 PID: 8979 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  145.100454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  145.109812] Call Trace:
[  145.112499]  dump_stack+0x1c9/0x2b4
[  145.116152]  ? dump_stack_print_info.cold.2+0x52/0x52
[  145.121364]  should_fail.cold.4+0xa/0x11
[  145.125450]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  145.130573]  ? trace_hardirqs_on+0x10/0x10
[  145.134815]  ? lock_release+0xa30/0xa30
[  145.138799]  ? kasan_check_read+0x11/0x20
[  145.142951]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  145.147553]  ? do_raw_spin_lock+0xc1/0x200
[  145.151810]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  145.157365]  ? kernel_poison_pages+0x136/0x220
[  145.161985]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  145.166852]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  145.171742]  ? perf_trace_lock+0x920/0x920
[  145.175996]  ? perf_trace_lock+0x920/0x920
[  145.180229]  ? kasan_alloc_pages+0x38/0x40
[  145.184462]  ? get_page_from_freelist+0x107a/0x4620
[  145.189483]  __should_failslab+0x124/0x180
[  145.193730]  should_failslab+0x9/0x14
[  145.197526]  kmem_cache_alloc+0x47/0x760
[  145.201582]  ? lock_acquire+0x1e4/0x540
[  145.205541]  ? is_bpf_text_address+0xae/0x170
[  145.210029]  ? lock_downgrade+0x8f0/0x8f0
[  145.214179]  radix_tree_node_alloc.constprop.19+0x1e6/0x310
[  145.219883]  idr_get_free+0x887/0x10d0
[  145.223785]  ? radix_tree_iter_tag_clear+0xd0/0xd0
[  145.228707]  ? __kernel_text_address+0xd/0x40
[  145.233197]  ? unwind_get_return_address+0x61/0xa0
[  145.238131]  ? perf_trace_lock_acquire+0xeb/0x9a0
[  145.242965]  ? save_stack+0xa9/0xd0
[  145.246670]  ? perf_trace_lock+0x920/0x920
[  145.250893]  ? p9_client_create+0x276/0x1587
[  145.255292]  ? v9fs_mount+0x7c/0x900
[  145.258994]  ? legacy_get_tree+0x131/0x460
[  145.263215]  ? do_mount+0x6f2/0x1e20
[  145.266916]  ? ksys_mount+0x12d/0x140
[  145.270705]  ? __x64_sys_mount+0xbe/0x150
[  145.274841]  ? do_syscall_64+0x1b9/0x820
[  145.278893]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  145.284245]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  145.289613]  ? kasan_check_read+0x11/0x20
[  145.293756]  ? rcu_is_watching+0x8c/0x150
[  145.297902]  idr_alloc_u32+0x1d4/0x3a0
[  145.301780]  ? __fprop_inc_percpu_max+0x2d0/0x2d0
[  145.306623]  ? p9_idpool_get+0x23/0x70
[  145.310507]  idr_alloc+0x111/0x1b0
[  145.314039]  ? idr_alloc_u32+0x3a0/0x3a0
[  145.318116]  ? do_raw_spin_lock+0xc1/0x200
[  145.322350]  p9_idpool_get+0x3d/0x70
[  145.326061]  p9_client_create+0x35d/0x1587
[  145.330292]  ? p9_client_read+0xc70/0xc70
[  145.334435]  ? lock_acquire+0x1e4/0x540
[  145.338402]  ? fs_reclaim_acquire+0x20/0x20
[  145.342716]  ? lock_downgrade+0x8f0/0x8f0
[  145.347053]  ? lock_release+0xa30/0xa30
[  145.351032]  ? kernel_text_address+0x79/0xf0
[  145.355438]  ? __lockdep_init_map+0x105/0x590
[  145.359927]  ? lockdep_init_map+0x9/0x10
[  145.363976]  ? kasan_check_write+0x14/0x20
[  145.368209]  ? __init_rwsem+0x1cc/0x2a0
[  145.372171]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  145.377180]  ? __kmalloc_track_caller+0x311/0x760
[  145.382016]  ? save_stack+0xa9/0xd0
[  145.385636]  ? save_stack+0x43/0xd0
[  145.389263]  ? kasan_kmalloc+0xc4/0xe0
[  145.393149]  ? memcpy+0x45/0x50
[  145.396434]  v9fs_session_init+0x21a/0x1a80
[  145.400746]  ? rcu_note_context_switch+0x730/0x730
[  145.405663]  ? legacy_parse_monolithic+0xde/0x1e0
[  145.410500]  ? v9fs_show_options+0x7e0/0x7e0
[  145.414928]  ? lock_release+0xa30/0xa30
[  145.418901]  ? check_same_owner+0x340/0x340
[  145.423225]  ? kasan_unpoison_shadow+0x35/0x50
[  145.427798]  ? kasan_kmalloc+0xc4/0xe0
[  145.431681]  ? kmem_cache_alloc_trace+0x318/0x780
[  145.436508]  ? kasan_unpoison_shadow+0x35/0x50
[  145.441076]  ? kasan_kmalloc+0xc4/0xe0
[  145.444959]  v9fs_mount+0x7c/0x900
[  145.448494]  ? v9fs_drop_inode+0x150/0x150
[  145.452717]  legacy_get_tree+0x131/0x460
[  145.456771]  vfs_get_tree+0x1cb/0x5c0
[  145.460566]  do_mount+0x6f2/0x1e20
[  145.464115]  ? do_raw_spin_unlock+0xa7/0x2f0
[  145.468523]  ? copy_mount_string+0x40/0x40
[  145.472755]  ? kasan_kmalloc+0xc4/0xe0
[  145.476638]  ? kmem_cache_alloc_trace+0x318/0x780
[  145.481481]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  145.487005]  ? copy_mount_options+0x285/0x380
[  145.491493]  ksys_mount+0x12d/0x140
[  145.495115]  __x64_sys_mount+0xbe/0x150
[  145.499083]  do_syscall_64+0x1b9/0x820
[  145.502961]  ? finish_task_switch+0x1d3/0x870
[  145.507450]  ? syscall_return_slowpath+0x5e0/0x5e0
[  145.512398]  ? syscall_return_slowpath+0x31d/0x5e0
[  145.517412]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  145.522420]  ? __switch_to_asm+0x34/0x70
[  145.526477]  ? __switch_to_asm+0x34/0x70
[  145.530533]  ? __switch_to_asm+0x40/0x70
[  145.534592]  ? __switch_to_asm+0x34/0x70
[  145.538646]  ? __switch_to_asm+0x40/0x70
[  145.542710]  ? __switch_to_asm+0x34/0x70
[  145.546771]  ? __switch_to_asm+0x40/0x70
[  145.550830]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  145.555671]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  145.560863] RIP: 0033:0x456a09
[  145.564054] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:12:31 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r0, 0x4, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(r0, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:31 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x34000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:31 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

[  145.582945] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  145.590644] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  145.597909] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  145.605171] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  145.612426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  145.619695] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000d
12:12:31 executing program 5:
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x29, 0x5, 0x0)
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000040)={'bcsh0\x00', {0x2, 0x0, @loopback}})

12:12:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x10800, 0x0)
ioctl$SG_GET_RESERVED_SIZE(r1, 0x2272, &(0x7f0000000180))
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:31 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='/exe\x00\x00\x00\x00\x00\x00')
fcntl$setstatus(r0, 0x4, 0x46000)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffc000/0x1000)=nil})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000ffd000/0x1000)=nil})
preadv(0xffffffffffffffff, &(0x7f0000000040), 0x10000000000000a6, 0x0)

12:12:31 executing program 6 (fault-call:6 fault-nth:14):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffffffffc00, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffeffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x3)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
getsockname(0xffffffffffffffff, &(0x7f0000000180)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @rand_addr}}}, &(0x7f00000000c0)=0x80)
accept$alg(r1, 0x0, 0x0)
fgetxattr(r1, &(0x7f0000000200)=@known='com.apple.FinderInfo\x00', &(0x7f0000000240)=""/171, 0xab)
read(r0, &(0x7f0000000300), 0x0)

12:12:31 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:31 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x3c00000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:31 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000008000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x22, 0x7}}, &(0x7f0000014ff5)="73797a6b610000000500f3", 0x2, 0x1000, &(0x7f0000014000)=""/4096}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r0, 0x0, 0xe81, 0x6e, &(0x7f0000000140)="1bd7e8e4b422c78dc372ab65a0506ecad909b0131d5a61d0b7c5bd7eb86b2da324950a1622109bae205d40f9a1c0c6c9e41b6bca3ba1b1625aa8e91084ffab71e31916b35a349e07b899af5e3f8abd22885aefe31518f76d9c167bcd6e073e6885b396d9114d641648870555cfafdc74f246086fa98101d5ef41f658493911a1f0815b7c38e6b0d097594709606212dd1e4788ce0265b908746ebf0e244db1d1b6b783ad8d2173523eab22d11846a0d15edc808b5f806de1acfe63a000150ac0a9dcdb2bfe032d33f524e3f71f634007b6b38aa074e56ba0f61201ef6155ee797f85372e58392a1396b29fc580e06a460f670a950af5082344cd3e819cc9ca91514604fe7a1fb2beecfa7fb5e2cd97e7d765ac2394e05275fb92ffbd9e3f5d6890c3b1e75c231f8a018a641c81d37d2ccb9caafe8ed8217b96ed1bfb0ba082c138ee0263e8539a2ef5c92fe9250317d28bf9e0dcf181dcddfc517f03df2d0779ef019ea7a56829c059a493bfc42eb850827e4fcaba9059108819a3d7b86bf238c2ae5278c7535f70c08f5f969df41b68716572add4114a9fd8b604684b53e49a23a4989e9a41fa7fe43592e30eca7f622db45ef1659357302d650b51af5380f2d7444ad7b8dc1be799856b2cd49a8907246766838e58dbf477946891377b551c8f97e3dc69b2b4edaa595594291b1250f35b67712ec0de162e6ae8e7c2e031a31e872f368a2634524709f3dcaaed140dd6984b263ddd424ff7016e9e3a3571ab3e36d8fafa4c156342aa228e87cc973f07538232f72c65e841b860e75aa077971165128b8974b6685bf5ae784aa21d17effed1e327fd8990fdc5ee4aca3c2532a974de94feb90ea04fa7b61f544ef8e083a015bb010739e08516224c2bf1d2dce68c9471da563e7a6dc81344977e34d7532e788e1979b5ba19aaa0e4964966fe818718cce273180239871444f308756df51288adb792ae97965f0301ea4c320415c48d6f3fc9a9a0b733bbdb018bc77338e0b3f359bab20b298fdeb466e53b798980e49f693f29724dbe9ec9f4495874641866e64122bb285c6a687ae2daedc9077608f592a2131dc2503b002d62b1907f9f128fb7f808e150aaaaf3f1b4aebde9b2c349296b103874dbf98e027a3d285ec8d64ddf65ed0b76449a83e3764516c53e82da6c213ffc9ae07ee0c8c4e687fe1bfb1d809297fb369a764b4114346f5ef4fd4b03dabc758b7c7ad0186124fc9756987274512e0a334f65555fb1b788a4348772df21913b6bea32a41fa91e9d79908b234afcd1d56889c41ee51a406cc5569261e1b3a7ab844894c5e8ae1bf2f862640a4ebf501453b88bf471fa82656f93ba2d16e052083c291fc72fa29cb482658e47ff99da31ba5a0a7346f3c48a218b587b47b82b739a88267ca9814eacdefb2db9b0b3df02295127e91cd8e47c18fcb601273ca29f5def4d7644613d1a7d66686d88ead24082cea2eb53ae5489d4ca76ca6bd2dfa267bcd77e8d7bbcd2254f3552a2055f87ccdc6c30095797ccc042a440ff93539765ccd8c39ff5c639722db0b09b4b376d6683c840c0f968040e2d528643b5e5de042977203855210a07a91a3a28452ab377f91bb405890c6232705093bf89b471b555dded21f6f1bedc26677e9e4409d3f3cbd28d4497402f038c1c149701652dca16010ec102322f6b9739ba5f6b44a47072935e020de1c566d7f662c35d5fa0bc0ad8df436adb0605844fbb354fc1d81e5e754bb9017f824016d7699e3e1347facd9fa2f17bca18b99a1971f4fd73441d3b6dbdc50f80d034f6c80f2dc9b6188a3e951af29245d98fa1aa6d93d5d338fe61f037c2766553df0ad6a737328b8a733ea9a3771b218d6988bdcf851edd083245713d64c9f5455209ef9e92cc77ad466ba5607a61ccfbe52628e663babcaf02cd46ba9e8dbeceb07a234252ae68f9bea284f5a2728ae7a421bd0a7e4c963589af1d68d5e7130abdcbf343a5397d9e8e70871d2f42b26b2a09bd30f8ac952bb650d9c163670db6fc5e00d4a0de41a4b471ac9a512b1e3e4bffa99ca72efc9bc741614323f571912468e33c941be0cf21ea42abbf260a791bff496ab3f26793ef22603791faf37f3a8df62edcc68b2cc2510395f4d79ff813cb3921656f147bd1bfeb84bd31e7906e4bfbfb259ca8f78db101566ce1027932980017ce7edd09d11533071575f8b46d49cec14ee5de0f621d2920da5f2ae8b86d52d640116345e57eb1f0973ba64218c1030588b091789158c21bbfb276d34180c39f5271cea1ff6d54c2395edde5f89b2750220659199f50438b1bdca73c3418e8ab2d25efebc7618dd7a3f7fb5eb21aec29dc5eeefef2612dabe492ba385af21d964805c04a7afba09175c70f72adcf49bcc44c44faf78e1378b729a17fe4ad0f9c1fd74ba8277cb16c93ba302d6c9e85ed518c0d00c53e619a994400793b3ea20c81bfce57c93c9f4835cb883de96c9208f468641ce9cd0f822e82b9d0a5a20b9573e69a7ef894de472c3407a28530e0d022cb9dde92d2cead86ef615228a7055a666a411869210f03644da7685028fbc4742e1e9a14aaf57671f07bfd39bd0403110fbdfd6ed868e2225ae26bff8fd6f01454595e128420a36b61535fdc3233f702fbf5afb3ff16882b4082aaca0a8ff069088a59df958846547e386d86a309ba26f53e577b90880602812f87470bc020deb8af6329710405f3c48464e770e97147ba662043649f9174d9d80d414991b063c0b207b5205c1bf241c3f498d6b5ad7780fc46c83e49b20575f851fa07ef624a87d10a4aab7254df1da1d44f2aa80339e8c297afe2a73781ac4fbd442e824845ff5d5dc85159cf8ae836b346a69d8ab589931a6cc28e73e93c39b52ea676ab73b48a4ef0a42e30724b7352a22ecc87ff1e666520f416f1a2f88185bb0be49a7547396202accdcf2a6ec6c3679a93aeb7dbc20ebd74e186716570b68a30ece1ca9c3b804e716d5cbac153f63738b13c6029d02a1dfe09ddd553f2c2abd72d5994aaf28261b55583692dbab543cb215e6e47125b6e129c9dbb4c33a5b6546557a00405a175a4b062662d69e8f499e1013242fe95e1db629b409a079d26ea757222d833f879067f5f44ebad198d04e9e3213262b27409e29579d026bb90c026d7b3d09a9b960bca658eadb22d6ae3b31d873972996bd883164bda7c54ee3b53856127e6b4f9dd8d8cc93ce4a9b062c5cb4d0549d85968e2cf969a5ae483906361d7f9838ba9803b459d8abc1d623e429583bf5db2caa211c2eaa278e0f1271c1e140d1f2ca3828eaf35a371bcc45d176559449f039ea2f4029ab2acaf30f9a387171bf8abdcccf610082a35155896c55fc8651b34152db89a91c164d8261809d407fe0862fdebab90cd37a61a69b03294c3d5c25ca471b8b9d011950add3e90958d8de1260563890e8d374a6d62bb5876665e017379dd86d3bd48996878cb8af6558ca01019027ecefd94fae3cf59e2776d1788e6f8908eaa9fc79578231df552ecac8b4147fd503714b23dac5f997b4ccdf228152b1e12cce6be34f9382a0491d6379c9c0b70dd77dbd03f63c4d8ad9a3fc8482a18986f0265a14926f34112288c000dfef9b583d5105a8ef3bb383ddae2d3404bc9f23340bb95dcb72552a08c1d55c9a75d3cf6f0e08c76c70a992b5507d6a5cf0e4bb9105b8460b6ea46a65c64b7a16754f8717febd166f356cd845810ab36656d6b3fe04c41e064bccf42381452b30bd8445e2be504140607f3a009f36e63285613dc4e894ebd61264d4ba7dbfd37c5087140e22897d4fda571ed47704f9c9e9ae7eafb73fdedd59d4f9d2313a2df50e5e73a4095103fd1a12907eb1f26b7be0f23df5421ef56a5bbfdb37622609ae99b4d13f8d7597cd843457b639afe08f954e49a0c844857f401c4f11c50d3939db9dc8178fa50a62993192b37d3d4cc7e776d0b1e11e26d654e394acf7372c1c13098f7b3ed12bbd72bdd25335aeeb28108db4bfda636161eb3e110f1aa7c6fd7579358c2ee6ec2469bd87028c690ee3580e15242ca5de165035d1e8d7ded8b9ead9cd7834c402e1018b012f462ae90fbd037c7081945b5e983b92f5c529436e0e6a8b1dd6b085f43a2ff64c6f771047eade90649ce5ee5052e2312b417139a07aae5c312f1fa0a81bf3db3a4eb7b00d667fc74db95d44705f748f8046369fa786b90f8f225a913466c63ae65882ed6f47d9d82cc02f9e966e9abfe0fe92789b4aabbb3ad8bc70ac056ed92764be4bd3e5a5407e4096d645a17d4da09f07b240d5ddef32843cfb5baaf5a3b587a52460d7b40b03fc194b91ef41e0f81c374e5e680f63b09b20bc63dbf30b1b8e7fc59b951be42977a838bdff4203011dfe530fa7e591360afe4e275b82e2edee3d3919bf669603e802367fb709f6a465f632cfaa55d582e1309c0a53eb1f85e56c518a4371c9f3d25966622522ad89ef46fad89b0540cd863a7387022c193113092e0ffd219e96d7247c08495438c821bc11962bba4d9e6d64526ef9e5979198abce3a95264f51f9752b0f5c8659a185c8de254cfd97b5facfcc79dd27ca109af9ace68e3ab704434050dd015af9cc3b83c3aaf38dcc968d11600f05989b5f17d4c50dfc887093cfc4829300ea1956e7383aac5af9b372f7bde6a09cb041c4b598d1abef547d9672631a453094c7d4efb59a22bf5b680454f00655b48fc092fa77a33f509604a5df909b0813b72a7d31981e5f50764b719f1f65cce247083ca0fe7df85de196597a807d8e33aaa4a7fb177704b7878e25a8f274cfa159cd63e1b2ce1a467b17b6910806f0fde88816bd11887483c2ecf8d50e16d91ff775e338ca7f1b565fc51b30e79c6eb5232b23e8e9f6938922adcd8db358d5b5d066b52120af799430ee6a443b7aa2a4cbde6f607155a90462ae7425fc562c9a5da59fdc7ec88b28b97e294a462e54b5701d8f39ee67ab5119488dc4d9348afcf79759335bdbae7983f2597c6b61b2e136b3ecc041853fac58b99fb3706cae86ec24681e9735912c22376cc03c2e36152c4097fb45305864fed3aff103a7711b6b8b1067dd14e20c97782823e39664f06460cf356302fddb0bd0dd52404c9076ecde9f3b8d6c0404a0e48c086555173a3ff79744634f53d63d141a9665ec2883e7602c5d1f784ec8b28b7a3ee49454119241e9ab20012619aa3bb2e74d6be2f3f904168672ad1d8077ec64911dbc062b1", &(0x7f0000001140)=""/110}, 0x28)

12:12:31 executing program 4:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x400000, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x4e22}, @in6={0xa, 0x4e23, 0x7f, @remote, 0x43}, @in6={0xa, 0x4e24, 0x2}], 0x48)
perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x3fffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:31 executing program 3:

12:12:31 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x500, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  145.853870] FAULT_INJECTION: forcing a failure.
[  145.853870] name failslab, interval 1, probability 0, space 0, times 0
[  145.865316] CPU: 0 PID: 9035 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  145.873991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  145.883357] Call Trace:
[  145.885967]  dump_stack+0x1c9/0x2b4
[  145.889613]  ? dump_stack_print_info.cold.2+0x52/0x52
[  145.894822]  ? perf_trace_lock+0xde/0x920
[  145.898988]  should_fail.cold.4+0xa/0x11
12:12:31 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00'})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:31 executing program 0:

12:12:31 executing program 3:

[  145.903065]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  145.908182]  ? perf_trace_lock+0xde/0x920
[  145.912341]  ? zap_class+0x740/0x740
[  145.916063]  ? kasan_kmalloc+0xc4/0xe0
[  145.919963]  ? kmem_cache_alloc_trace+0x152/0x780
[  145.924838]  ? __radix_tree_replace+0x188/0x2f0
[  145.929518]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  145.935078]  ? node_tag_clear+0xc0/0x1c0
[  145.939155]  ? lock_acquire+0x1e4/0x540
[  145.943147]  ? fs_reclaim_acquire+0x20/0x20
[  145.947481]  ? lock_downgrade+0x8f0/0x8f0
12:12:31 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000180)=""/177, 0xb1)

[  145.951654]  ? check_same_owner+0x340/0x340
[  145.955983]  ? p9_idpool_get+0x4a/0x70
[  145.959887]  ? rcu_note_context_switch+0x730/0x730
[  145.964916]  __should_failslab+0x124/0x180
[  145.969183]  should_failslab+0x9/0x14
[  145.973006]  __kmalloc_track_caller+0x2c4/0x760
[  145.977687]  ? idr_alloc_u32+0x3a0/0x3a0
[  145.981755]  ? do_raw_spin_lock+0xc1/0x200
[  145.985998]  ? p9_client_create+0x430/0x1587
[  145.990416]  kstrdup+0x39/0x70
[  145.993617]  p9_client_create+0x430/0x1587
[  145.997865]  ? p9_client_read+0xc70/0xc70
[  146.002019]  ? lock_acquire+0x1e4/0x540
[  146.006002]  ? fs_reclaim_acquire+0x20/0x20
[  146.010329]  ? lock_downgrade+0x8f0/0x8f0
[  146.014479]  ? lock_release+0xa30/0xa30
[  146.018442]  ? kernel_text_address+0x79/0xf0
[  146.022848]  ? __lockdep_init_map+0x105/0x590
[  146.027337]  ? lockdep_init_map+0x9/0x10
[  146.031390]  ? kasan_check_write+0x14/0x20
[  146.035616]  ? __init_rwsem+0x1cc/0x2a0
[  146.039596]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  146.044608]  ? __kmalloc_track_caller+0x311/0x760
[  146.049444]  ? save_stack+0xa9/0xd0
[  146.053059]  ? save_stack+0x43/0xd0
[  146.056681]  ? kasan_kmalloc+0xc4/0xe0
[  146.060639]  ? memcpy+0x45/0x50
[  146.063912]  v9fs_session_init+0x21a/0x1a80
[  146.068219]  ? legacy_parse_monolithic+0xde/0x1e0
[  146.073051]  ? v9fs_show_options+0x7e0/0x7e0
[  146.077462]  ? lock_release+0xa30/0xa30
[  146.081423]  ? check_same_owner+0x340/0x340
[  146.085726]  ? lock_downgrade+0x8f0/0x8f0
[  146.089862]  ? kasan_unpoison_shadow+0x35/0x50
[  146.094429]  ? kasan_kmalloc+0xc4/0xe0
[  146.098303]  ? kmem_cache_alloc_trace+0x318/0x780
[  146.103129]  ? kasan_unpoison_shadow+0x35/0x50
[  146.107696]  ? kasan_kmalloc+0xc4/0xe0
[  146.111580]  v9fs_mount+0x7c/0x900
[  146.115110]  ? v9fs_drop_inode+0x150/0x150
[  146.119328]  legacy_get_tree+0x131/0x460
[  146.123375]  vfs_get_tree+0x1cb/0x5c0
[  146.127161]  do_mount+0x6f2/0x1e20
[  146.130688]  ? check_same_owner+0x340/0x340
[  146.134996]  ? lock_release+0xa30/0xa30
[  146.138968]  ? copy_mount_string+0x40/0x40
[  146.143185]  ? kasan_kmalloc+0xc4/0xe0
[  146.147063]  ? kmem_cache_alloc_trace+0x318/0x780
[  146.151895]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  146.157425]  ? _copy_from_user+0xdf/0x150
[  146.161560]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  146.167085]  ? copy_mount_options+0x285/0x380
[  146.171570]  ksys_mount+0x12d/0x140
[  146.175186]  __x64_sys_mount+0xbe/0x150
[  146.179150]  do_syscall_64+0x1b9/0x820
[  146.183022]  ? finish_task_switch+0x1d3/0x870
[  146.187508]  ? syscall_return_slowpath+0x5e0/0x5e0
[  146.192423]  ? syscall_return_slowpath+0x31d/0x5e0
[  146.197336]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  146.202336]  ? __switch_to_asm+0x34/0x70
[  146.206384]  ? __switch_to_asm+0x34/0x70
[  146.210429]  ? __switch_to_asm+0x40/0x70
[  146.214474]  ? __switch_to_asm+0x34/0x70
[  146.218519]  ? __switch_to_asm+0x40/0x70
[  146.222565]  ? __switch_to_asm+0x34/0x70
[  146.226614]  ? __switch_to_asm+0x40/0x70
[  146.230664]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  146.235496]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  146.240672] RIP: 0033:0x456a09
[  146.243853] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  146.262824] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  146.270531] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  146.277882] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  146.285138] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  146.292394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
12:12:32 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xa, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:32 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00'})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:32 executing program 3:

[  146.299648] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000e
12:12:32 executing program 5:

12:12:32 executing program 6 (fault-call:6 fault-nth:15):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:32 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="b9b00000000000000000000000000000000000000000000000000000000000000000000000740000000000000000000000004a7ec0da67ecd200000008000000000000000000100000000000210e27643458b294962a7d1a7d00000000000000000000000000000000000089c0d27f88681faf0e1d63cdade8cfaed16067207dfe0da225a09c4c7f9d994b7be7653461b5ce34bbc3623a2a"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=@xdp, &(0x7f00000000c0)=0x80)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00')
connect$netlink(r0, &(0x7f0000000140)=@proc={0x10, 0x0, 0x25dfdbfb, 0x10000}, 0xc)
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0xb8, r1, 0x2, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3c}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xd44}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x1f}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x20}]}, @IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x4}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x10}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x5b}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x87}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3d}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}]}, 0xb8}}, 0x20000084)

12:12:32 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd)
r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x4, 0xc0000)
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000180))
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:32 executing program 0:

12:12:32 executing program 5:

12:12:32 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00'})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0xf0ffffffffffff}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:32 executing program 3:

12:12:32 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfec0000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:32 executing program 3:
readlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)=""/249, 0x3a9)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000440)={0x5, 0x1f, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x602, 0x0, 0x0, 0x0, 0x680, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000380)}, 0x0, 0xd9b6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f000000a000)={0x6, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8000000200000000, 0x5c3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mount(&(0x7f0000144000)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015d000)='nfs\x00', 0x0, &(0x7f000000a000))

12:12:32 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:32 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xffffff7f, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  146.491558] FAULT_INJECTION: forcing a failure.
[  146.491558] name failslab, interval 1, probability 0, space 0, times 0
[  146.502821] CPU: 0 PID: 9070 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  146.511225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  146.520584] Call Trace:
[  146.523187]  dump_stack+0x1c9/0x2b4
[  146.526828]  ? dump_stack_print_info.cold.2+0x52/0x52
[  146.532039]  ? kernel_text_address+0x79/0xf0
[  146.536809]  ? __kernel_text_address+0xd/0x40
[  146.541320]  should_fail.cold.4+0xa/0x11
[  146.545388]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  146.550495]  ? save_stack+0xa9/0xd0
[  146.554121]  ? save_stack+0x43/0xd0
[  146.557738]  ? kasan_kmalloc+0xc4/0xe0
[  146.561620]  ? kmem_cache_alloc_trace+0x152/0x780
[  146.566458]  ? v9fs_session_init+0x21a/0x1a80
[  146.570939]  ? v9fs_mount+0x7c/0x900
[  146.574641]  ? legacy_get_tree+0x131/0x460
[  146.578877]  ? vfs_get_tree+0x1cb/0x5c0
[  146.582839]  ? do_mount+0x6f2/0x1e20
[  146.586538]  ? ksys_mount+0x12d/0x140
[  146.590324]  ? __x64_sys_mount+0xbe/0x150
[  146.594460]  ? do_syscall_64+0x1b9/0x820
[  146.598507]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  146.603858]  ? lock_release+0xa30/0xa30
[  146.607832]  ? lock_acquire+0x1e4/0x540
[  146.611800]  ? fs_reclaim_acquire+0x20/0x20
[  146.616114]  ? lock_downgrade+0x8f0/0x8f0
[  146.620259]  ? check_same_owner+0x340/0x340
[  146.624586]  ? rcu_note_context_switch+0x730/0x730
[  146.629503]  ? do_raw_spin_lock+0xc1/0x200
[  146.633729]  __should_failslab+0x124/0x180
[  146.637955]  should_failslab+0x9/0x14
[  146.641746]  kmem_cache_alloc_trace+0x2cb/0x780
[  146.646402]  ? __lockdep_init_map+0x105/0x590
[  146.650884]  ? kmem_cache_alloc_trace+0x318/0x780
[  146.655714]  ? lockdep_init_map+0x9/0x10
[  146.659767]  p9_idpool_create+0x42/0x120
[  146.663824]  p9_client_create+0x276/0x1587
[  146.668060]  ? p9_client_read+0xc70/0xc70
[  146.672299]  ? lock_acquire+0x1e4/0x540
[  146.676267]  ? fs_reclaim_acquire+0x20/0x20
[  146.680578]  ? lock_downgrade+0x8f0/0x8f0
[  146.684727]  ? lock_release+0xa30/0xa30
[  146.688688]  ? kernel_text_address+0x79/0xf0
[  146.693086]  ? __lockdep_init_map+0x105/0x590
[  146.697573]  ? lockdep_init_map+0x9/0x10
[  146.701623]  ? kasan_check_write+0x14/0x20
[  146.705848]  ? __init_rwsem+0x1cc/0x2a0
[  146.709822]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  146.714828]  ? __kmalloc_track_caller+0x311/0x760
[  146.719656]  ? save_stack+0xa9/0xd0
[  146.723269]  ? save_stack+0x43/0xd0
[  146.726879]  ? kasan_kmalloc+0xc4/0xe0
[  146.730761]  ? memcpy+0x45/0x50
[  146.734041]  v9fs_session_init+0x21a/0x1a80
[  146.738349]  ? rcu_note_context_switch+0x730/0x730
[  146.743271]  ? legacy_parse_monolithic+0xde/0x1e0
[  146.748110]  ? v9fs_show_options+0x7e0/0x7e0
[  146.752508]  ? lock_release+0xa30/0xa30
[  146.756470]  ? lock_downgrade+0x8f0/0x8f0
[  146.760612]  ? check_same_owner+0x340/0x340
[  146.764944]  ? kasan_unpoison_shadow+0x35/0x50
[  146.769518]  ? kasan_kmalloc+0xc4/0xe0
[  146.773397]  ? kmem_cache_alloc_trace+0x318/0x780
[  146.778239]  ? kasan_unpoison_shadow+0x35/0x50
[  146.782816]  ? kasan_kmalloc+0xc4/0xe0
[  146.786694]  v9fs_mount+0x7c/0x900
[  146.790227]  ? v9fs_drop_inode+0x150/0x150
[  146.794466]  legacy_get_tree+0x131/0x460
[  146.798517]  vfs_get_tree+0x1cb/0x5c0
[  146.802318]  do_mount+0x6f2/0x1e20
[  146.805867]  ? copy_mount_string+0x40/0x40
[  146.810091]  ? kasan_kmalloc+0xc4/0xe0
[  146.813966]  ? kmem_cache_alloc_trace+0x318/0x780
[  146.818806]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  146.824334]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  146.829855]  ? copy_mount_options+0x285/0x380
[  146.834340]  ksys_mount+0x12d/0x140
[  146.837956]  __x64_sys_mount+0xbe/0x150
[  146.841922]  do_syscall_64+0x1b9/0x820
[  146.845795]  ? finish_task_switch+0x1d3/0x870
[  146.850278]  ? syscall_return_slowpath+0x5e0/0x5e0
[  146.855203]  ? syscall_return_slowpath+0x31d/0x5e0
[  146.860213]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  146.865219]  ? __switch_to_asm+0x34/0x70
[  146.869269]  ? __switch_to_asm+0x34/0x70
[  146.873320]  ? __switch_to_asm+0x40/0x70
[  146.877371]  ? __switch_to_asm+0x34/0x70
[  146.881417]  ? __switch_to_asm+0x40/0x70
[  146.885465]  ? __switch_to_asm+0x34/0x70
[  146.889526]  ? __switch_to_asm+0x40/0x70
[  146.893581]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  146.898416]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  146.903677] RIP: 0033:0x456a09
[  146.906860] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  146.925747] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  146.933447] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
12:12:32 executing program 0:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmctl$IPC_INFO(0x0, 0x3, &(0x7f00000003c0)=""/4096)

12:12:32 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000002a00)={&(0x7f00000001c0), 0xc, &(0x7f00000029c0)={&(0x7f0000002980)=@mpls_newroute={0x1b, 0x18, 0x505}, 0x1c}}, 0x0)

[  146.940709] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  146.947975] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  146.955326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  146.962929] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 000000000000000f
12:12:32 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f0000000180)={0x15, 0x65, 0xffff, 0x3, 0x8, '9P2000.u'}, 0x15)
read(r0, &(0x7f0000000000)=""/177, 0xffffff17)

12:12:33 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x11000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:33 executing program 6 (fault-call:6 fault-nth:16):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:33 executing program 4:
r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = dup(r0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x0, 0x4)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)
r2 = getpgid(0x0)
sched_getattr(r2, &(0x7f0000000040), 0x30, 0xda4f1f7567932304)

12:12:33 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00')
pread64(r0, &(0x7f0000002580)=""/68, 0x44, 0x0)

12:12:33 executing program 0:
r0 = memfd_create(&(0x7f00000000c0)="e3000000fb7945e6e3162ab7a309db8fc11273fd9d3a0d5ffaea55bc35ae0bf54e334119572aa8ea29df2591f26290316a41e9186016bf54b8259202a49e94330d5cad9a632164abb02c4714a1b106731aa627b7304799ac2c0d44447b28e6e166e4ef7ff84c07154d101e41212334a126ad247a7b75ae6b2971b7bca3af716ce547ba4bf49d04407820553c24dc8c5f7e38016922fd0e505a8311d60f6e39aeb737fa746e5d8849ac21df114ce914579e9d75c114d2566a3def8a42fd32f510863043828d41c46c249595fc9b", 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
fallocate(r1, 0x0, 0x9306, 0x8)
finit_module(r1, &(0x7f00000002c0)="e3000000fb7945e6e3162ab7a309db8fc11273fd9d3a0d5ffaea55bc35ae0bf54e334119572aa8ea29df2591f26290316a41e9186016bf54b8259202a49e94330d5cad9a632164abb02c4714a1b106731aa627b7304799ac2c0d44447b28e6e166e4ef7ff84c07154d101e41212334a126ad247a7b75ae6b2971b7bca3af716ce547ba4bf49d04407820553c24dc8c5f7e38016922fd0e505a8311d60f6e39aeb737fa746e5d8849ac21df114ce914579e9d75c114d2566a3def8a42fd32f510863043828d41c46c249595fc9b", 0x0)
lseek(r0, 0x0, 0x4)

12:12:33 executing program 5:
capset(&(0x7f00000fc000)={0x19980330}, &(0x7f0000244000))
socket$nl_xfrm(0xa, 0x3, 0x6)

12:12:33 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xf401, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x28, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@NDA_LLADDR={0xa, 0x2, @dev}]}, 0x28}}, 0x0)

12:12:33 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0xe5ab, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8000000000000, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50000000000000, 0x2, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x3ff, 0x400000000000000, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
ftruncate(r0, 0x3)

[  147.214402] FAULT_INJECTION: forcing a failure.
[  147.214402] name failslab, interval 1, probability 0, space 0, times 0
[  147.225648] CPU: 1 PID: 9130 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  147.234053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  147.243408] Call Trace:
[  147.246004]  dump_stack+0x1c9/0x2b4
[  147.249642]  ? dump_stack_print_info.cold.2+0x52/0x52
[  147.254844]  ? trace_hardirqs_on+0x10/0x10
[  147.259092]  should_fail.cold.4+0xa/0x11
[  147.263169]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  147.268319]  ? trace_hardirqs_on+0x10/0x10
[  147.272566]  ? lock_release+0xa30/0xa30
[  147.276553]  ? kasan_check_read+0x11/0x20
[  147.280716]  ? do_raw_spin_trylock+0x1c0/0x1c0
[  147.285320]  ? do_raw_spin_lock+0xc1/0x200
[  147.289567]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  147.295124]  ? perf_trace_lock+0xde/0x920
[  147.299283]  ? perf_trace_lock+0xde/0x920
[  147.303441]  ? get_page_from_freelist+0x3c2d/0x4620
[  147.308479]  ? zap_class+0x740/0x740
12:12:33 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0xc0000, 0x0)
getsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @rand_addr, @multicast1}, &(0x7f00000001c0)=0xc)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

[  147.312235]  ? zap_class+0x740/0x740
[  147.315956]  ? kasan_check_write+0x14/0x20
[  147.320196]  ? kasan_unpoison_shadow+0x35/0x50
[  147.324796]  ? kasan_alloc_pages+0x38/0x40
[  147.329083]  ? get_page_from_freelist+0x107a/0x4620
[  147.335511]  __should_failslab+0x124/0x180
[  147.339760]  should_failslab+0x9/0x14
[  147.343554]  kmem_cache_alloc+0x47/0x760
[  147.347613]  ? lock_acquire+0x1e4/0x540
[  147.351581]  ? is_bpf_text_address+0xae/0x170
[  147.356066]  ? lock_downgrade+0x8f0/0x8f0
[  147.360209]  radix_tree_node_alloc.constprop.19+0x1e6/0x310
[  147.365934]  idr_get_free+0x887/0x10d0
[  147.369824]  ? radix_tree_iter_tag_clear+0xd0/0xd0
[  147.374750]  ? __kernel_text_address+0xd/0x40
[  147.379240]  ? unwind_get_return_address+0x61/0xa0
[  147.384181]  ? save_stack+0xa9/0xd0
[  147.387801]  ? save_stack+0x43/0xd0
[  147.391418]  ? kasan_kmalloc+0xc4/0xe0
[  147.395309]  ? kmem_cache_alloc_trace+0x152/0x780
[  147.400162]  ? p9_idpool_create+0x42/0x120
[  147.404384]  ? p9_client_create+0x276/0x1587
[  147.408790]  ? v9fs_session_init+0x21a/0x1a80
[  147.413275]  ? v9fs_mount+0x7c/0x900
[  147.416985]  ? legacy_get_tree+0x131/0x460
[  147.421215]  ? do_mount+0x6f2/0x1e20
[  147.424918]  ? ksys_mount+0x12d/0x140
[  147.428717]  ? __x64_sys_mount+0xbe/0x150
[  147.432855]  ? do_syscall_64+0x1b9/0x820
[  147.436906]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  147.442266]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  147.447633]  idr_alloc_u32+0x1d4/0x3a0
[  147.451516]  ? __fprop_inc_percpu_max+0x2d0/0x2d0
[  147.456348]  ? p9_idpool_get+0x23/0x70
[  147.460234]  idr_alloc+0x111/0x1b0
[  147.463772]  ? idr_alloc_u32+0x3a0/0x3a0
[  147.467824]  ? do_raw_spin_lock+0xc1/0x200
[  147.472056]  p9_idpool_get+0x3d/0x70
[  147.475768]  p9_client_create+0x35d/0x1587
[  147.480093]  ? p9_client_read+0xc70/0xc70
[  147.484234]  ? lock_acquire+0x1e4/0x540
[  147.488200]  ? fs_reclaim_acquire+0x20/0x20
[  147.492521]  ? lock_downgrade+0x8f0/0x8f0
[  147.496658]  ? lock_release+0xa30/0xa30
[  147.500617]  ? kernel_text_address+0x79/0xf0
[  147.505011]  ? __lockdep_init_map+0x105/0x590
[  147.509506]  ? lockdep_init_map+0x9/0x10
[  147.513557]  ? kasan_check_write+0x14/0x20
[  147.517785]  ? __init_rwsem+0x1cc/0x2a0
[  147.521748]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  147.526850]  ? __kmalloc_track_caller+0x311/0x760
[  147.531680]  ? save_stack+0xa9/0xd0
[  147.535293]  ? save_stack+0x43/0xd0
[  147.538904]  ? kasan_kmalloc+0xc4/0xe0
[  147.542778]  ? memcpy+0x45/0x50
[  147.546053]  v9fs_session_init+0x21a/0x1a80
[  147.550362]  ? legacy_parse_monolithic+0xde/0x1e0
[  147.555201]  ? v9fs_show_options+0x7e0/0x7e0
[  147.559609]  ? lock_release+0xa30/0xa30
[  147.563569]  ? lock_downgrade+0x8f0/0x8f0
[  147.567799]  ? check_same_owner+0x340/0x340
[  147.572123]  ? kasan_unpoison_shadow+0x35/0x50
[  147.576694]  ? kasan_kmalloc+0xc4/0xe0
[  147.580577]  ? kmem_cache_alloc_trace+0x318/0x780
[  147.585412]  ? kasan_unpoison_shadow+0x35/0x50
[  147.589986]  ? kasan_kmalloc+0xc4/0xe0
[  147.593864]  v9fs_mount+0x7c/0x900
[  147.597397]  ? v9fs_drop_inode+0x150/0x150
[  147.601624]  legacy_get_tree+0x131/0x460
[  147.605677]  vfs_get_tree+0x1cb/0x5c0
[  147.609474]  do_mount+0x6f2/0x1e20
[  147.613015]  ? copy_mount_string+0x40/0x40
[  147.617326]  ? retint_kernel+0x10/0x10
[  147.621215]  ? copy_mount_options+0x1a1/0x380
[  147.625787]  ? __sanitizer_cov_trace_pc+0x3b/0x50
[  147.630637]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  147.636167]  ? copy_mount_options+0x285/0x380
[  147.640654]  ksys_mount+0x12d/0x140
[  147.644276]  __x64_sys_mount+0xbe/0x150
[  147.648242]  do_syscall_64+0x1b9/0x820
[  147.652117]  ? finish_task_switch+0x1d3/0x870
[  147.656603]  ? syscall_return_slowpath+0x5e0/0x5e0
[  147.661528]  ? syscall_return_slowpath+0x31d/0x5e0
[  147.666461]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  147.671471]  ? __switch_to_asm+0x34/0x70
[  147.675521]  ? __switch_to_asm+0x34/0x70
[  147.679567]  ? __switch_to_asm+0x40/0x70
[  147.683613]  ? __switch_to_asm+0x34/0x70
[  147.687671]  ? __switch_to_asm+0x40/0x70
[  147.691722]  ? __switch_to_asm+0x34/0x70
[  147.695771]  ? __switch_to_asm+0x40/0x70
[  147.699831]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  147.704669]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  147.709854] RIP: 0033:0x456a09
[  147.713039] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  147.731931] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  147.739630] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  147.746895] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  147.754153] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
12:12:33 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000005f513a57a5b2926f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:33 executing program 5:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000380))
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x2000, 0x0)

12:12:33 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x5e00000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}}, 0x1c}}, 0x0)

12:12:33 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x11011, r0, 0x0)
clone(0x0, &(0x7f0000000080), &(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000140))

12:12:33 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00')
pread64(r0, &(0x7f0000002580)=""/68, 0x44, 0x0)

[  147.761413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  147.768668] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000010
12:12:33 executing program 1:
r0 = shmget(0x2, 0x1000, 0x60, &(0x7f0000ffc000/0x1000)=nil)
pipe2(&(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x4000)
ioctl$EVIOCGABS20(r1, 0x80184560, &(0x7f0000000180)=""/125)
shmctl$IPC_RMID(r0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r2, &(0x7f0000000000)=""/177, 0xb1)

12:12:33 executing program 6 (fault-call:6 fault-nth:17):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:33 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00')
pread64(r0, &(0x7f0000002580)=""/68, 0x44, 0x0)

12:12:33 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x3983fdff, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:33 executing program 5:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000380))
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x2000, 0x0)

12:12:33 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:33 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}}, 0x1c}}, 0x0)

12:12:33 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syncfs(r0)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000180)=""/109, 0x6d}, {&(0x7f00000000c0)=""/33, 0x21}], 0x2)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
socket$xdp(0x2c, 0x3, 0x0)

12:12:33 executing program 0:
r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xe78f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x12, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14}, 0x14}}, 0x0)

[  148.039487] FAULT_INJECTION: forcing a failure.
[  148.039487] name failslab, interval 1, probability 0, space 0, times 0
[  148.051229] CPU: 0 PID: 9198 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  148.059639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  148.069004] Call Trace:
[  148.071607]  dump_stack+0x1c9/0x2b4
[  148.075270]  ? dump_stack_print_info.cold.2+0x52/0x52
[  148.080490]  ? radix_tree_iter_tag_clear+0xd0/0xd0
[  148.085446]  should_fail.cold.4+0xa/0x11
12:12:33 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = msgget(0x1, 0x12)
msgrcv(r0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:34 executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2, 0x0, 0xf0ffffffffffff}}, 0x1c}}, 0x0)

12:12:34 executing program 5:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000380))
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x2000, 0x0)

12:12:34 executing program 1:
set_robust_list(&(0x7f0000000200)={&(0x7f00000000c0), 0x6afe, &(0x7f00000001c0)={&(0x7f0000000180)}}, 0x18)
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240)='/dev/zero\x00', 0x200000, 0x0)
syz_mount_image$f2fs(&(0x7f0000000440)='f2fs\x00', &(0x7f0000000480)='./file0\x00', 0x9, 0x3, &(0x7f0000000640)=[{&(0x7f00000004c0)="ac36af4b41f8f82291296644cde30e303b4ffa879890839abf857ebf098609a1198b4cb9e0b8d26d931c5dfe7d28e804688c20e0d26bb5cc779318a5a9a2a9bbf7332e2faf36294e02b0ba080d7821d23c227b6e16bd88943e04a8ba18c30f5b9f9bac63c09a8ed66e444e7e19954248c977f03eda2cf459caecd2f3a7b9d8a8ce2d38ff8abe33664745ff6db7f1289dc3a918e53138d98f8c0e6d332caac0879a997f3bc6cbe79b7126aed9bdd246efc614d0cb280ba8a667", 0xb9, 0x401}, {&(0x7f0000000580), 0x0, 0xbba}, {&(0x7f00000005c0)="dc8bf98356c1a72b124721f2eaf585448244efb6699d29969e59fa2bb4438f18df8ee677d6d99abf61bb406aa4fdd14b3d6223fe46a0b1a3a3173e1e52485187be74d1a0d21c84b82f161e2c555ac17521f253324aa3adc7d509", 0x5a, 0x9}], 0x80, &(0x7f00000006c0)={[{@noflush_merge='noflush_merge'}, {@inline_xattr='inline_xattr'}, {@data_flush='data_flush'}, {@lazytime='lazytime'}, {@flush_merge='flush_merge'}]})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000380)={<r2=>0x0, 0x79ec}, &(0x7f00000003c0)=0x8)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000400)=@sack_info={r2, 0x0, 0x4}, 0xc)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000280)={<r3=>0x0, 0x2}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000300)={r3, 0x26, "29506a098637c638694f8aca6e1bedbd3d7f5f22c0c18d5004ef8fe5a903705ac47e753150d1"}, &(0x7f0000000340)=0x2e)

12:12:34 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x700, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:34 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='personality\x00')
pread64(r0, &(0x7f0000002580)=""/68, 0x44, 0x0)

[  148.089522]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  148.094642]  ? plist_requeue+0x650/0x650
[  148.098719]  ? save_stack+0x43/0xd0
[  148.102363]  ? kasan_kmalloc+0xc4/0xe0
[  148.106259]  ? kmem_cache_alloc_trace+0x152/0x780
[  148.111112]  ? __radix_tree_replace+0x188/0x2f0
[  148.115789]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  148.121329]  ? node_tag_clear+0xc0/0x1c0
[  148.125403]  ? lock_acquire+0x1e4/0x540
[  148.129388]  ? fs_reclaim_acquire+0x20/0x20
[  148.133713]  ? lock_downgrade+0x8f0/0x8f0
12:12:34 executing program 2:
r0 = perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x100000000000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x7, 0x5)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x3407f, 0x62)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0xffffffffffffffff}, 0x1c)
ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000040)='y3D\b\x00')
sendmmsg(r2, &(0x7f00000002c0), 0x4cc, 0x20007ffc)
r4 = semget$private(0x0, 0x7, 0x203)
ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000540)=0x3)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0}}, {{@in6=@dev}, 0x0, @in6=@ipv4={[], [], @loopback}}}, &(0x7f0000000600)=0xe8)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f00000009c0), 0x4)
stat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
chown(&(0x7f0000000500)='./file0\x00', r6, r7)
getsockopt$sock_int(r3, 0x1, 0x21, &(0x7f0000000900), &(0x7f0000000640)=0xfffffffffffffdda)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r3, 0xc0505405, &(0x7f0000000a00)={{0xffffffffffffffff, 0x1, 0x4, 0x2, 0xa7}, 0x3ff, 0x3b, 0x101})
syz_open_dev$adsp(&(0x7f0000000880)='/dev/adsp#\x00', 0x8, 0x100)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
r9 = gettid()
ptrace$setopts(0x4206, r9, 0x7, 0x10)
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000580))
r11 = getuid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={0x0, 0x0, <r12=>0x0}, &(0x7f0000000340)=0xc)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@dev, @in=@local}}, {{@in=@local}, 0x0, @in=@rand_addr}}, &(0x7f00000008c0)=0xe8)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000380)={{0xffffffffffffff01, r8, r10, r11, r12, 0x1, 0xff}, 0x2, 0x7, 0x8})
fallocate(r0, 0x0, 0x5, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000840)={'vcan0\x00', r5})
getsockopt$IP_VS_SO_GET_DESTS(r2, 0x0, 0x484, &(0x7f0000000940)=""/87, &(0x7f00000005c0)=0x57)

12:12:34 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x900, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  148.138046]  ? check_same_owner+0x340/0x340
[  148.142367]  ? p9_idpool_get+0x4a/0x70
[  148.146260]  ? rcu_note_context_switch+0x730/0x730
[  148.151197]  __should_failslab+0x124/0x180
[  148.155445]  should_failslab+0x9/0x14
[  148.159248]  __kmalloc_track_caller+0x2c4/0x760
[  148.163930]  ? idr_alloc_u32+0x3a0/0x3a0
[  148.168005]  ? do_raw_spin_lock+0xc1/0x200
[  148.172257]  ? p9_client_create+0x430/0x1587
[  148.176676]  kstrdup+0x39/0x70
[  148.179910]  p9_client_create+0x430/0x1587
[  148.184164]  ? p9_client_read+0xc70/0xc70
[  148.188321]  ? lock_acquire+0x1e4/0x540
[  148.192308]  ? fs_reclaim_acquire+0x20/0x20
[  148.196646]  ? lock_downgrade+0x8f0/0x8f0
[  148.200813]  ? lock_release+0xa30/0xa30
[  148.204805]  ? kernel_text_address+0x79/0xf0
[  148.209233]  ? __lockdep_init_map+0x105/0x590
[  148.213747]  ? lockdep_init_map+0x9/0x10
[  148.217844]  ? kasan_check_write+0x14/0x20
[  148.222108]  ? __init_rwsem+0x1cc/0x2a0
[  148.226101]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  148.229510] IPVS: length: 87 != 24
[  148.231133]  ? __kmalloc_track_caller+0x311/0x760
[  148.231146]  ? save_stack+0xa9/0xd0
[  148.231159]  ? save_stack+0x43/0xd0
[  148.231169]  ? kasan_kmalloc+0xc4/0xe0
[  148.231185]  ? memcpy+0x45/0x50
[  148.254131]  v9fs_session_init+0x21a/0x1a80
[  148.258487]  ? rcu_note_context_switch+0x730/0x730
[  148.263436]  ? legacy_parse_monolithic+0xde/0x1e0
[  148.268295]  ? v9fs_show_options+0x7e0/0x7e0
[  148.272720]  ? lock_release+0xa30/0xa30
[  148.276711]  ? lock_downgrade+0x8f0/0x8f0
[  148.280900]  ? check_same_owner+0x340/0x340
[  148.285234]  ? kasan_unpoison_shadow+0x35/0x50
[  148.289831]  ? kasan_kmalloc+0xc4/0xe0
[  148.294362]  ? kmem_cache_alloc_trace+0x318/0x780
[  148.299242]  ? kasan_unpoison_shadow+0x35/0x50
[  148.301922] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0xaf36ac00)
[  148.303842]  ? kasan_kmalloc+0xc4/0xe0
[  148.303872]  v9fs_mount+0x7c/0x900
[  148.303888]  ? v9fs_drop_inode+0x150/0x150
[  148.303908]  legacy_get_tree+0x131/0x460
[  148.311533] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  148.315387]  vfs_get_tree+0x1cb/0x5c0
[  148.315402]  do_mount+0x6f2/0x1e20
[  148.315420]  ? copy_mount_string+0x40/0x40
[  148.319786] F2FS-fs (loop1): Unable to read 2th superblock
[  148.323172]  ? retint_kernel+0x10/0x10
[  148.323193]  ? copy_mount_options+0x1a1/0x380
[  148.323210]  ? __sanitizer_cov_trace_pc+0x48/0x50
[  148.323225]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  148.323242]  ? copy_mount_options+0x285/0x380
[  148.328825] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0xaf36ac00)
[  148.334742]  ksys_mount+0x12d/0x140
[  148.334757]  __x64_sys_mount+0xbe/0x150
[  148.334775]  do_syscall_64+0x1b9/0x820
[  148.334789]  ? finish_task_switch+0x1d3/0x870
[  148.334803]  ? syscall_return_slowpath+0x5e0/0x5e0
[  148.334814]  ? syscall_return_slowpath+0x31d/0x5e0
[  148.334832]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  148.338785] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  148.342169]  ? __switch_to_asm+0x34/0x70
[  148.342181]  ? __switch_to_asm+0x34/0x70
[  148.342197]  ? __switch_to_asm+0x40/0x70
[  148.347866] F2FS-fs (loop1): Unable to read 2th superblock
[  148.352042]  ? __switch_to_asm+0x34/0x70
[  148.352056]  ? __switch_to_asm+0x40/0x70
[  148.352079]  ? __switch_to_asm+0x34/0x70
[  148.352096]  ? __switch_to_asm+0x40/0x70
[  148.455105]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  148.459950]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  148.465132] RIP: 0033:0x456a09
[  148.468322] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
12:12:34 executing program 6 (fault-call:6 fault-nth:18):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:34 executing program 2:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000de2ff4), 0xc, &(0x7f00000000c0)={&(0x7f0000001d80)=ANY=[@ANYBLOB="140000000101ffff000000000000000000000100"], 0x14}}, 0x0)

12:12:34 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0xfffffff5, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  148.487215] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  148.494913] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  148.502184] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  148.509444] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  148.516701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  148.524082] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000011
12:12:34 executing program 0:
r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$BLKFLSBUF(r0, 0x1269, &(0x7f0000000080))

12:12:34 executing program 4:
r0 = msgget(0x1, 0x0)
msgrcv(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000000000000000001c7e5efac448ba8e00000000000000000000000000000000000000000000000000000000000000000000000000000081000000000028177ea72ea781e9c669d9f1"], 0x40, 0x3, 0x1800)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000400)='/dev/snd/pcmC#D#p\x00', 0x7ffc, 0x80000)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000200)={{0x2, 0x4e21, @multicast2}, {0x0, @remote}, 0x40, {0x2, 0x4e22, @broadcast}, "76ff0300005f746f5f62726964676500"})
setsockopt$inet_mreqsrc(r1, 0x0, 0x26, &(0x7f0000000080)={@loopback, @rand_addr=0xe1f, @multicast1}, 0xc)
getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000002d00), &(0x7f0000002d40)=0x2)
r2 = perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = accept$unix(r2, &(0x7f0000000280)=@abs, &(0x7f0000000300)=0x6e)
ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000040))
r4 = getpid()
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000380)=<r5=>0x0)
getsockopt$inet6_buf(r1, 0x29, 0x2e, &(0x7f0000002c40)=""/97, &(0x7f0000002cc0)=0x61)
r6 = getuid()
ioctl$KDSETMODE(r1, 0x4b3a, 0x1)
getresuid(&(0x7f00000003c0)=<r7=>0x0, &(0x7f00000004c0), &(0x7f0000000500))
sendmsg$nl_netfilter(r2, &(0x7f0000002c00)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8040}, 0xc, &(0x7f0000002bc0)={&(0x7f0000000540)=ANY=[@ANYBLOB="602600000b07000129bd7000fedbdf2502000005c400370014007e0076ff0300005f746f5f6272696467650008007300", @ANYRES32=r4, @ANYBLOB="3c8467ec5f6474e7357c59ce3cd92cc016a5eb38ff4be35e950714178519325a2fba1519686a86e1b883824b53c87552f3633201bfa5fd4dae49bf7ce07e00680668ac7d54aea028886f4c070c6936613449e0f5b730935dcaa0b7feabbe4f1906af0df7f1141323b1de7e35e55653e95476d98d387de76ae42008eb83e0d0ec81d648a4dd9105e86d447c3080b070fea275be2591cfe5d35dd308000e000200000000002c007c005d899d2742fa46ce6828757f20af97011090d39d2808a883657ad492749f4d1c35962756219f9dca08003c00060000001400010000000000000000000000ffff0000000008006e00", @ANYRES32=r5, @ANYBLOB="5ed5ca18dbd802301e9631d8f1dd5f7ace0c05b36527c609ebde47815afab7ebace10abd3d093c5ecc528f5ef80165d4329711eca05399fd8d0c007e006100000000000000ac0289008a06a4fabe62a9481709346bd216b90498ccb80eb210deee39558c4dff37a101afbbe36d598c47f4f20271234213188e0919cb88619453fd206feb7bd89f029be85b150f1de45fb7895ee255b87807fae14e9dfebb5176394f13e2ee7d89f2ab6f43bb73f41120141e3582806598583691d09be4210239f68914860e8754b02b089f075e90508d2975109f29e8ef54e03d751b45032800aee96ca0b3f060a366bf9e0b7ebf0a6a4c28ef702c770667280a87a50f220cecdca3d827aa4c5c7e7d737cb2ac7f7c71729bf2973fcb61c58be56fb3743562c89ca778dd6e0c97311a4cc76866e908006a005d00000084002100781d6bf760a60ea1fa3a67790d5018e5365e10d8ca14cff8c2b7ee1d698279ebc01b41b4d084eb8704d60c7c17200218c14b19d6e1f6941a8ae070492081c56b4d1468574c84907e3a8c32d64bc1eb0162c41c14d573caac10c0d4ee5d5d4dcaa214d74989f320baf703f6680cd27b5cc491bb98eeb21906a2c7fd961808a69004004e001263d63be2788dcf2c576027095b78920c433a08b5a129e5d747f63eda325bea3527c681fedfba014d397f43ca9f0f0fac6f0179a296ac39f9d86f4f016dfb1b48279982ccd7432cfccde45da8baef1b6d4d430cdd0385b42841d9580905a21ed0d43205cd0595c18f507771b7940052008225ded4b69b27b65cb8b2b196b49cd052846d1cc9476d2c7378deee213d575a250f87e36e99f8daa68bb6498c6ed112c885515b366e1d69b8739b154e47f8199319df1e592476cedfe33ceb0c75c4828feac3d09c1469bcd6c78ffb2126c65dec7dfe18e2d78df3f62905d85524b537c349ad07f73a986abc8e5fca1d1e038ce0b48a2ae5da162522217118d40000000400840072f41f412f162e0eac199f105559e1aa41f6592cda78f8b93673c8cdddca2df09bbb921ef3d83704007100000000442269000c0056009d3e0000000000006f21c8f4c9b9ad6b61bcdb52f2103752bdb0007dee771f77f26ded09d4f8f17b305b4d8820121aa52ad86b5e3013250f6b451cace82a0cf812e32c52248405f3029eecf5f006ca12276df41c33d8dad9203dfce45c879cff87f303b97bc8a33bd02e71a57bf7a5567e605b5a5604d56a9031e4fe371622bad4bbfeed0bfaf1db2ce53fb60600400f6ce1ea211a09f439234a4e84147351b86cd44fabe4f4fffa21fb3f6b9a2ffb98ea8d6f86812cf17bd43208008000", @ANYRES32=r6, @ANYBLOB="a32483be193fe220fb33f0bc2ddcd4a05926f182575481d10ddfd997b87cf42b7c305458f66a0fe46893bfda9111ec1fab68928a68a25f292d109dc30028c590a670cb9048e85ec28ab71707cffc1497a189835d50d1ca399ff73044478e862f23616f67ab6ba52b7408ca9c898e0e35ed5272ed2b0756510c38297955a21927655f26382f2809ba1b437745fef5a8e8e2fba0f9e9396d9b6971b46d9bab6f824680a6efbf19552661af022841a2ad010f3011f20ef3d427effd4eae45a4429533b3aa202a625416eab3c8ae4ffedbe79a222b7790eb1cbcbf74a585f232dc0a2c08ea9ef2dc0e93140019989011fddb7c26787cfb45ae806598034f6774dd1b362f2d4d125566e232f9db21a60efbf397a9fcd9e2ce77a66aa83ae8f7c646912eb8f00fa15be161869809be71cea1164cee4928fdedaec45d306b09d43fc61ce8d2db86aaa9d176583cbdb762117d1f7150b2c1ea74c3d7bb43ed8acf9ddadfc492253fef6fc5a2706fb216206a64270f6bb593e387f8db79f4eec1403b2713f03cd79cc085080f8ea82ff6c5523d46b8eef26d6d0ddb79dbe43840feab610aa5be4e920a218b2b4c6aeea2e4ba2261f0338a7be8b0948581af37233a5b47d8da7a8f42053303406c0baa36d8519d55785f05cea4305657b4d7a8b8b4191002558f3f5e4f6bc43df9bb58020c8f3163fd30c165679618dec186a6949035687b3bd781ce81d0b03eb24a963b65892eb2d6351d3947033093c772afe122e71e68d482ca17e3d7089bf0b82c4f5b487fb3657e63d504a155035dc503a4ed6d678ba4bc74ca55ee6983f61083752a1aae674e14be6a8f9f5ecc39970b3ebf5f7f2043f50fcb01cd94be0aab001b67a43d3405b6147c937141d3814a076a921495e05863c3acfdf36b616e38cf80d22d5bd27b82c6403e20af361f2c6b301e8ae2e4b7847f3a56cbcf6530f2ec083d13430294281b9f64d45a2b237cae36316be946c3609b36e78ddc098e4b4cc1b14990352a4c68ba495b840f799684ffd9f27903b49f9835f7aeeb729a2c1ca7ae5d02f3fef6882897bd072daeae28f4ad7c1177e4a41f807ebdbc7a8dc4aee7373d3677ac4cc98fc256f89f3b00f8dbe0a81f61658056489c9b1a1b469021ffe0fdcfb98bfff95b020094c80f963d1f813852abbb4f1d56b112356903765e93b6ea48e3b21c396f10036fce1cfa60ebe90835e5967c61d0c0f68291c514b9b24dbb5317c940cef29a7973fe674593f7e1ad356bedf6c6b6d775d2c76b8b087839332be2cea18cc09aacb7c991d942a3bf984a43a5560971e910960772dce3ce419caa5335694669ae19a28ba91e7dbba517f20794b9680b0e2a77cb9bd592cfa09592f9b179f37ebddf6955fd7c0c8cfdd95d817102e92840526a13b7a98d4a51163932f2a60d0543d228c657d36d1b531068a7b24d89934922e953979d510dafd0de02ab6f20083113433d29c5e7e9427f1611f23b8fcfc3c59665abe636d02d7efd97c06b4ffa78f3f2cff2ef48d519f1002448ca5e49c6c73d8e8468984aaeb29c50db7db484edcaf1f7f0aa0aeec91e6684bb33ebba40c0412119b335c67518ba0c1ab4b6a8d4f189490475f6db9a6b2327999457b1c9a31463b79494ef4060619aea51cbca582c782f8c6f2ff6e6a0becf9e436ce2af0330adda154f6dbe6eff995863c1981148dccf9e7d1aa22ec0bded484434473643d8ad37a939e45fe34cf8bea935fc7d50fdf815a23f24e43575ea5d7525f1712941d78ecdfddfba58acd80438422748ef88893f22daacd534fbf0b672e163d1123758b943dcaa2e9612fcd0ceecee67a44e0cd046d482789916a16247a507950d1cd18975869932d3b4405e5af6d92a48d410fc30e50fc3a681b23758a046a964658dfb0f96f7331be4ff1bd1f3f506cef4eb3cac5d46c6c02a80f5fbfd3342aa447ebb9e91412b009512d185c3ae1039607d21118f156f947a1f8d70fc5244ee0cd0d92574d6d86924ae2792f059b15d6b23faf4b31528930c1de907a77ddc8d967ca6ea03e5e12f8470ecd7b37ce51ed24da73a003975f3539615b933828f93daa1e45730675e81d7872d1736cec0aa4240f2caa11a92954f39ee84600d71501768841e1b79570f18448cea35bf9e28f3d3b1d071bd77049c512f0da92b37def7fb6622f01b487f873059fcdb907d749ee07737ff82c2209ea7b639dafb18de6fe9e2621574170a92c81a55c563e7ff631a4e96028473905426424782362b955b8bb9897a3726fcd97459455ee319d12abd61682aea079bc3974ca4643c18f0218c888dba0c16a4c2d6f015032e4785e86e44a387d4c04111874d60548673a69e0b6358e2bd936c2c3a8add6b754637befebf22fb8dc7d98e6c7986dbb721eeecef8c923f61c7c4e4e89a9e8c9548cd848626b1d8cc0447b33fa4d892f43d273feb01dd0076522f006d4acc62087318dddf17da33cad381a9711c85c90071d40ef9d486bae27bf42f398aba4eb839ea80a4d7b315011a16dfb688f9cce4c2ced6cde8013d2f2b779df4b4f1a6ba7413ae967881c51edc066cd0748d4412d35622d58ab01b5e650e185d51ec35574c15d7848b2287faaa8df5f03d4047378d28d6f1e84c75bcdc1f68585e846ecb25b41e9aad93354f6b21ec90003aa830f6502ae4003e1358801a9893653993cbe066fdf1d35d0f32a52d46251d951c993c645771e3cb3dbaa875826fe243397fce47b79b3b4968a564151f64932b2314d9acc5b90e56192fa9acd8a93d6c7be28515da289ce9d80522f245d9e397d2ce3f8d4c4025b8f204cc9a5984c46786a22d9da561fd90f2700acc4e8dde471ea6f680e8b6058cb10c33f730d0030cde7a5edcf808ee879ce3758811194032382b46d066268edb99f6309e86cc8e3b76b203951c7e08e93bb3237e0eb2ade873354e4eb593eda9e9239fb48d9ae7ab5b05bd169614a02ccbaef4b54707e1b1f9a7a7637e5ba3a79bdf09c2d182da73ffe55f80fb88c25909edc07870986608b0a5aa1caf85bd9eaf7ecff352458cc2ca26a59530a11bffc0d5791fc14fcd4035abaa5050df54e9d1273d38f5617be2f904989f7fa508e64fb04afd9bc4b7647965142ad37124b6818fa23d8978a9f20f3ce604692622384021cb6c43254ea2a994d3a7a263b656f5efaae4c835efe7c6195327fb91e3ad8db346de21a7e519eefa49cca909badf4d86dc3707d96a49bd65ddb47fa8d9011978e5c264aa56dfc4ff694acc859a2de964a75a70abb8ccc781f9cb578dd767a79e3ee4de2ba5202fb3d943801d5b085f8de223ec597e0ff0e74e2b2ecd6e2173bca54925aa1fb0abcddacb106a9b5a0e47a224eed1c2306a33912707560fb8a8b5f5e979597ba758c2b3364de48aff8834655d6c24890cc225b958b2280683bd8b843cc4c7d3d1d49e7cc76abb51365e26e4927c123b029781c082d4dc01dbe37cb4332833a2c219862c6f9167f27ea32bcfb355f94925309f1933c581055906ecb08ecd70b35223068d10e86a653591c13b6300a95fe26d89fbd09876c0c6899b1cf10ae5cb0b80037dab99df5c21673529c94e04eb1e98bc410067e5522385b19bfc9b9a048e5e9611a26e8dfef330c324be6ca216d2c249154472696e73330b56ed3353438a9b060e460b7c45ca6c74389868a2922cc25c517ea57ead4e786a5a31b1caa09db6e76737e133591f2da7b3d51a29b6fe2b09aad3d3fff2383e84cfb33d2e04fb5cb004f84e9631a9afd9547cb50894f2595b58cfb555cdc6b2abb373101a0cfd4211746feba0d2efa65d4012d6ab722fd791b413dc0ae71de553db2b9a5ec435a93fe53fde78839dbaed3f85b503a6a2a7790628f853c0fb6c64a43f4bbc02facbdabcc9b8821fb4d8d5e003d45a327d78c89bbeb1036a260b0be0fdb3cde9958d18d94bafed5f92edc7d3125385c8c51019a3fd50a1c5abd1b232c48e05686583ace715728b9bd3b227ef2575448d13cb449a7ac990c53f14fb2f68e4bb44bf6795f0b8a829bf6462def01e23223b0aa4ee2e09d7ef29d27eb3525a3f4dbb80260c29fb885f5efbd455a2610a1c145e03939be6dfbb347397126a177f70087bfe955377586e2ddc9ce5df3f5ff6fbcb7c557b5b8525fed947edbd32a75b28c4a6339ed9ed115e2d5495cf9fcc8f2afde4903ca23c59c246ab4ba665bcf55c1efcb15dc57e7865f6648777cafd5d8e2e683b67ed95ed302c52b0d6b8df31aaff655bb0540c82534830d1c11164d5c8c52085326ff2bf05dc405c11a4caa82b071cf5900579033ac94cef9e5d10eecf81174e9aae27b1c8430fa1fafb45f548e24b3c893464421f68d7a16588bed82b99049ddfac9677e5a2c063b6bc952896b019585483e52ec65700505f2f11439db2496265892e68ef49ff7fd0fa04ee2ebc0d2299c7e833109108a77ca05e2a6c543d680c90e0da82e3ad70523dfc0fab72f414360a74deae6536bcd0d6b99643cbc514dac6e0c7e160e8f2d31293a28196d28a9b86d8cbef6b4d7f8526d53a87eb20f7b244579a5fd798aec6806a6d2de0e44cc71ed69579efed5f21c08e73f38827a78530c471b0a37b333bb5f90158eade6c33b583c697df05a72d8cc17423035abd2b65aad94806f4e345d22b70d20ad694f41e10c4aeac39806ee8503cd70399d1096d0f61201f1c281b38bbd42379c1fc8d7826ab4e83304e27b0ffec97ef5c52648188243e8ccc7ce0b144c0d2f673c167982eb62cbe77a0668b16c7a60f79b41705864f54d262e14d12fdfbd92aca23ae15768efbdc10d3912380ccb43ed5b11fea69aedfe2443a6b0aa6c78ff000247d7e1c7cae350b9c95c782892376b68f8fff9b391dc3606524b491fe56ab60b5cc82ef9f2c443fd811f635ceac268500947276029e6d1ea0d9c57491baadf849f23aa3b596332d3a0fd19c7ecc30748033a6d90a0810015877a13197eef11e7b1edd9ef14d4d895a729aabf5cdd54059c8b9da829fdfccc2d9d4e7e938c936f996187609079c9cc3831262556db79b12363078d20a5af8e0e62addac5ad4b4f69687e5745784a793f319964a028cb428e9226657d7a134070707e2a9ebfc4b0da77104dc6d6e5d8e8d44870c85f27ca630595734926c1a8944303342cfc20509ba9009c118a1c1003e5d01cd7cf07965d2d6c63fd10a7e0bcfd719c8ae007b5ee6832d8917b683aac229e2d160948de0d013f6011e6f98c2582bef193a3ccf0a13742e61901d13c09535f82eb09f0ec63ffbebdee92bc40fd315e5638aba481fc87ca58693a6159a4137efe0e5f71505dad315269943a37f780ce148f0c045aa8aa785886f3eccd22e30377463b306f841fea58052363f5c6d063c2d8c9f5fdbe0a084caeded5f52e9af0e6ed559c1e83deeb3d6e09f4b6344ee7f9035520462300cc5f2c1f8b919a0759ed135827b39265af99618d3b8e248ec1bef35e0f9e8dd6de9fe36dc486194c87b05ad46ba7672514a4de26152a261b8b55a175b8770c5411d06e0cced8971946d0b4568930e77c9f129e034cadd39fa3125463dec06def98115c30258a6bbcec4b0b80b52dfe06ea86c15e432645b06eab5c8d355f478ffca22bf9610ff4e6ff29529b3f1e61099c48233f3ff61d39230d1597ac3bcdcb68ae6bbf9ff553354e199a2606b680a312a8569d7e180a5e7fe7fd1e61c9384f64fc45ba5e03947fb9504bea650d4aa25e0a24bd0a4f187c02e8d20c369d27b319ed1c4920f5153a2d4e95311a0f34e57a223380b8d39175d40c9b423e1a34a0a0ed95b34e16c4bc0a9d237090917ce02c35030bbd10c8cc354fe9917c54c46e3a12e2b7cf4e1e8c4753ac1a1b8ef88dd039f22357bb2b4cfe440508fe95b52ea7e25d6b4c40e2312b26ebea13e132760d9acd3b44f41c8dffa5e29965d3e49ae88c8bdf6cf4434b2fb66d629445058b6f70960ae9d78b0ad0318fa50e44a15da7272c0a8e3136fa84479864ed0335c8fda1f553082b2c2582ebdab77195adc24f5f33dbfd45fadc2d2e09593a3f65bf03a05ce2d4c1c90991dbf51ec38ba413bec81a3aa88b95f135ec6eda77af86e33f46839643615d0418eb16449d98771c05f90392680eedf2d2e8aa9ce661087fd89a1e36638055fa39c316870f4de36ca4da6ce71073e25c131d27d8738083d8dae8e526715295d0c06545cde8e92870dcf967e61f2466f3fc94c4097bc459f7d23fd9b31b9216d8824511b612683dc753d5588d144ea880d90cd7e3e42c03bf135e169c43454447516159eca6730d51f19f24d485220774a5a3485848ff3561d676a11aa11be7914abe3434312438635ff589d2829a325f767798b4c9b322d772d15d4785e3d2bcb2fb43ec76bd614297d6491ea9d8df82aeb3d347568433b11eed32d37f1faa6ebaed9be8f14b8b95d49e1c19cf1fdd49cecfda0c095a4cf266e50ddaa943d813269533fec719cb80443f4b6a857cc3e833374c1fe0d5bba64bfc063cc57524859f1ea675f584ccb81fcdfd53748d2a7c00f043c9a9b79470eabce4cb670860f0bddc45674d7fc64e26ee7d54dfd1ae8045ddaff81bf30dd57b1c01e3f90806633a89cc771358e0a318c74503d06a3747f29189f720449bbe803766de6110d0655b145f060e28cca4acb90164b318015ee474d1ea8e2353299704aae1f55dee4cb48f44c4ad1d6d7f74b92e7058bfa83ee4f6c84fc339b218ad5218e19dbde730a37b80975a7ee1cab9d03ca9887814fde39ed557cdb9336edd65118e02b656df28915d391b3b2f2c3daacc9fc7c25aca151850303df6d6eb167a98f5e14a2abd7b4e64d850aab7f42982ef9c0be04e6c5acf0a10f20ce2c93249824385a19246d40deebdb59ea80b058fc80382c05141b39877d0a56b33d0686ca0c2253d96bc48060f17454ddb533904f78d46fcf9a6ed2ca6cd16c462f584aa74b0c62cd5b76b5c124d80830f13de8ebe79e2e6fae94be516a2e81bc8b93d36fdb8943664610b1928893503b14098fd1e7742537cf38282fcd29681f1a78d81ef82c748f8d1b42a42bad3a6942022fefaba065c51ead18888c09907053fbf5e6c4a127f982a73f6aceaa7f10115ee05ef2d30463eb04d8b6f64c35e3e0518d07c7ffeccbf765f3d8b8bdadb1b350e0249a6b00a3b0c8270f9962850acf592eeb56dbbbf53a578494c9164666a36d0a05d2b9023a9913513f33e9b73722ac576da757fee9d0157aeab70de635f7a9f7b582c2c6534410ab7554541f94fb6f8385347133d2f0c3f4f81692c20f1187e74767fe1f287558c121208619230323846df90d11f00104c211b7dd6e254b734d004fa3d8a1508eea77c03134c395b0fe4cb83ff076c99f7f25b1c27a4d3e8872a8a6235beb275515ed2c230d9749c0d7db8857fb3443acfd7fa3a525cc01895fad6bf5465c93ebf64125eade18c1f4c34d2e3c21ccf9c749e0fac1979aa2e0704624cb449b78acbfdfddd2f43bf814d44d4404e10bb99d49c916d8d9ff2dabe2a452f98002b93fb312819bf2df4b239a8e43ef4ae56ff9bc735a6b385d021bec15f1e2d63ee489c30891fcb167f0788f991fad977545d1cb5bb4dad8d3e3c0af21062ed94ec80a03d06793a11c23cefa1096ae273345cd257e0608071158d61b4d82b096df734148f7fbf50031c1793077a67ba0cb00293f0fa62b3198659c517e2eb812f8b6adf46421d7ab9ab86f0b7139aabcfd0f916dd652191bb474edad7e85e44404910327fd2f0776b854c4537fcbfafdc7b0a8b606628001c2cbd90f50aff72695a21577695010eb55254c30abb9cec2a2d248ad1a192e1bcf55aae0abec5cacd061b718b40e7c7e232e754f4bd068318bac2a3e48732d0d084588e6bcc1693cb044e1cc16f27ff8f47805c9dad1c7880d1dfbe3debfbb0435e27a12462fa9b568928782487ceadb8c58f802b0b718db59e624f491b3110cc3c6d0d6816c2410827a1d87c2a7eabdb82571c77721f3f9d1b3bbe2bb8d1445546d03f2947b9752d8fc6dddbee18c12d76b86c171293da6d036f8d6110e415ba49ecb7f0330a9b639de516972f95d635445bd09f9d62da2e20d3098ac71080ca343af258e3300fd010dba06c22b72ad1723f773e2efb8b734c786fb3d90f117883f3b0bba7deb22721f72c9d78d7ba404e55047095ec1e7289964272e47be3536c8724d804f92701331bdc06d4c4ef2b17f53f798eadcd27570e1dcca7788c9bcaba11ef66f2b5359e0c1176a6c80c557c81d636e14bd9e7f5d426170bc184bfa7dd8b235cf17231bf9143d09c99ed4c62aa6c840835175ae2fdc677c0a13857d6cc93f267cfbb35405a603d164a74d05d89b1d1b864e2fc920c3e79e9b80eaeb6407161970a1f5b31067ce635680f4907807923683c57cc1d1b8e037291ae915f2589cb353ff7c8a5afa01670ebfa94c1c2e649eb1c71ffc0aa9ac1e4dd2304714f4df1027af7b6aec1001003f12242f723dc0bb3d5b3443cf32390dca328406ee3e45f59385972b75107ef7329123d80270b3b2361eb6229c5f826f02be140aa037ce76c170b99ed68ec94905f258eea6d4e4872a0c8f7fa49e9413866702669e2dd17c7d2fe1647997de0cd1ee401d81ff20e9f16cf3030197c879eb6d429130d86d12653b524195d4acb180a76d7146ad836c0492baf664a62e5738e46d2a710a51b59d2f21d765489075f88837b3f3bc140f8ead86607e43ee76ff72b0928dbe58df85c2fe74abecdada1d937462f02de2e7e0f8ae13aef4458e1f5bb5d70b8a4ec2df392e0e4854005d2105a6420df40954cb2f5963af4e8cb4781a83701cf3b0d1c2c14a991a926b54080b8a56b8db6c000321812f26cecc8e158567923364d13b528f3430b0acf11a99dd0af08dafb06e333956ce234b218c388e35c2a48173e35bed57957406d27ccc651259c8aa30a4a36352c7ce6e3a3a5112969c9ecb631887280d9d39ab60c085347f265d120fc1353463a8ea74d46ffee97680598cb99dd413df1375ca6e55f58f7128e277e1cbd44d63eca6bd02f370b6de36e3932dd2fe74a6ebb425147aa52a95ed7d68a23c926fa492b8421208fec245e35411b2843be207672196ae5bf7c5c979aff12d6c9c23425cb60c5c96f2688df13aa363b1ff0414a827ecfd0f2cf322df7dd4cbd11354e75debafd00a71a683130b4c1b854f7f845e09b220f05cc5205b0b3a0e3620f28b6a5d013006d4f3f6ee5dcff5dca1f8d49296f432220f0915df9ac69a5501ce5006e991e31b3483f2fc482a62046eb0c4b0c824b32f4ce2da51f0091f24aa7ae9623e21241f4efdad274da7ba58541fce3ed7d06e7a4d764208da5e87a074bc6cdcd072b92bf2093a6d64a308a247cc5fd9b8696b070021c278f00c3ef0bc8b367b72f83a7114099a125fb0eda33c8eeb397a6f0708e6c9a4850bc81a58de8ef34a8a48389be2a890341b4fe51f6b73d41d29974fe4f63fe0c7e274fba3f12ee509ffea1099c83957f9511d0493a7ef64d83062bedd3e60d9d39ebe0f6744b9fa794f554335f49a1d93eacf896900352b4da67c25c993a85a77cf205caa33d5df02a2f82920630d58ae19631a94f91f67375738db4e9a4855e71c3fb6d5d5500b8386dc82517ec5e1216ae889798f2fdd985ae9ee0521dbc500f1517e2e33c71473ff55d82c4acf52f745a0dbe2e6f41303f4aa752d2bd8536502b9a8bd79d64ef40da45f84ffb409766cac99d92fa8ed1c89c18d5208fdf9c81d15113cdc9d9b8225daf5a49635e367f963f09add1320ab82447407d7276262bd905591068e55baa8b5a9591b7c6543506ee0a280ec2c2df6eb08bdcf61ceee472a101a54cf1cbe92fe064dce6dbf3a539b12d0b7d0425bd36d4005293a61397133e9d8e10adc0b9533562e941d96bd67cc910edbeaa5ae9e63d0e9608a879bfb8c0b1bd8a5c7e490b884238cd98bae8882a4978d3a3d0199505320e52c86089f47cfb6b73b7b1e43b4cecdb62739908b7ff1b5d9eaf8326f84ebaf45a0a55ff535ba9dce768dc8482bf45faca4eed14c0dd6cdadb7261e261f4635f26b2a5e3253d6fbd5725f700425b14a2021c6b135f7964ab64e68e5e840c76e8d1593a33c07019ba77faed6ae6dddc2d6fbf942f2801980eca14e64a7d90a41877187d37019889a14c6765fcda764c205844eb00a77e9aab0d4cd2d8a172ff7d05d843fa1d70e545fecc8fc9faf16fbc70acf33914fcd58e7b3a8d528fe05066f90e5af47928bce5bee4cb4530edf540ec44dc1ea5fd62566cc44577a9d3c3cf839a2a1868124709dcf352ff7d7feb291f0bfa3ebe0ac778fadc3f17bdf9d7a626ca06d23842595c672433ceba9ea1c5a3c26d825a3da77a61c13ac8002910d2e90fbd84e9ae7366fd4644888b3badf4963338f2e7f9ebbd2fac333446df48807061bbef1a9b80aa38cbac917503fa9424a1944c24ce7d01a3da9b6a8e0734b927609e3f0ebcd6c9bc2d1efc16b9145336f36fd8cc58191ca851808c09d72fe9e9cfbeb9370ae4d4801144db980055411da68cc744bfc6f8f27c96a0943d48f9a58ea506ab3356380ffc8dad1ea9b2eabd9d3f1eb3bb13dfd4c0951be2d021ff8c1d2ec48a38baaf68236cdaf1da39b3c52f7df13372d68e27b9acef9c815b77b71270a523ff0dcb3bc87ec0c24f657b85d7cf30f6624a55cc9fc2c1a0094ce145fdf06cdfcfa0046ab6b56ef812c6be721a6f4083554dd6608ce17aa2bae1457bc76970b0e7cbb828228a9e0d630252bc44e62a5dfa9c320148302ab589c1a69d1ff2f1b3a9a77609ade54ebc990806293b5a44096414544e08d531a6b7025d6c953b88c92039f0b965bed6a77ad2a73cc069463e2a1a75693f54173ac1ad7e6d8ce2b3346624f07574d6034b5fc1fa38c6d48f86a3e5b056e1f3b6dffb5f8bf3c399b204b47d2e1ef98ce90bb8df5b1610a1f4801fdecb1e9e4b11b985829433e7c10f8edd659bdab22b8be9befd81af204c56c6223784b44e6dda6ba5f2b0cc42668f99bd2412f58da68755d8a1a3bc92131823beaa1b181e912043b1bc7b53c9d1dcb1ebb839225c59cdb31fc5cd8e39271569b54e1b4ef809455f5889bfccdd0ee879404b0ccb2bd22268980bdd8a47e60f6e134e288c6daa2471c13285ecd66d4e4c950469256447ad9aa0a2d0b2874ea10c8b12924238b59338944f2ed0300d829662b07b8881c79fc0487cb62fca1785b6609a9bc1f42dbeffc85dbbb6fa5552f4a18107bbadc7df42d8c633b1a67fcaad201354acb8a92ce283e0425bf4b5ef1b175e1e7bf37368bada9f843d980fbe7081b620f8aa540ae0407206cba45fa0b156d98ae83d8a51cacde8c98793c09d67a7ea0ded5b4e35531998d7415de98351baf6b7a5f92a05dac0e710575909ab4f60b6268f8c3e4ab4aed2573261a8ce4b79f6aa07a5cbbfc9f6ac6a0882e89587c5bb9cf9b7783c9de50f41eabcfdb14e2454a64eabc30b1f891c4eef4ade425b4fde72b6681b6ea3b40fb2effafd1a0e7bee89f10b3e6c63d74cb86dac0763b086fac0f8f825f7b6e781f8dea2f42e60bc9f8d5907a7bda60f52c090e7d44921086a0c7a4ab18df88d894ad87d7228b2ce4c922b21f21b0a00ad14a34d80d3925ffbd87d69148f6353a498337454a62d0281f765b5ea9a097da638bf432f6bac2751352a1fcd37fc196910c8deba727f86a7810b85c2e7bed724fa8ddacbcc42ca3c44b523784c46566a56f4f38ca86f82c36e89851503d1ae15dd7037376b4da999a00a013a4cead3e10b0e5fbc8ec5101c654a039409e877d45628de2a35054842c775455c8ad051d9827772ed51965f254361eb9b66ae722703c3d375b908f4ac763ea11249e89155ca780f8f52c3f06cff71474567cc55031310d8a8870698923b822e205290824f88b94f78c01d2d42bcb5102205b85dd3bed7de75624cf7063fbf1fae4827f9d132e1045cea9c6502568f08306388b8ebcbaab520786103fc548807d07deb614841fa08f697a9731e1bf531fa9255a4ce96f6f855c8153009f5197a398b38df1203aae42dfee105629c7357c620eed73979563463a46670c3d38eaea92c77ef208001100", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x2660}, 0x1, 0x0, 0x0, 0x11}, 0x800)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f00000000c0)={{0x2, 0x4e22}, {0x306}, 0x8, {0x2, 0x4e24, @multicast1}, 'bcsf0\x00'})
msgrcv(0x0, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x0, 0xa4a3ad41a879dde0)

12:12:34 executing program 3:
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000002580)=""/68, 0x44, 0x0)

[  148.628100] FAULT_INJECTION: forcing a failure.
[  148.628100] name failslab, interval 1, probability 0, space 0, times 0
[  148.639401] CPU: 1 PID: 9252 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  148.647807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  148.657170] Call Trace:
[  148.659771]  dump_stack+0x1c9/0x2b4
[  148.663400]  ? dump_stack_print_info.cold.2+0x52/0x52
[  148.668665]  should_fail.cold.4+0xa/0x11
[  148.672734]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  148.677844]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  148.682870]  ? lock_acquire+0x1e4/0x540
[  148.686850]  ? is_bpf_text_address+0xae/0x170
[  148.691339]  ? lock_downgrade+0x8f0/0x8f0
[  148.695521]  ? lock_release+0xa30/0xa30
[  148.699493]  ? lock_acquire+0x1e4/0x540
[  148.703721]  ? fs_reclaim_acquire+0x20/0x20
[  148.708031]  ? lock_downgrade+0x8f0/0x8f0
[  148.712171]  ? is_bpf_text_address+0xd7/0x170
[  148.716656]  ? check_same_owner+0x340/0x340
[  148.720964]  ? __kernel_text_address+0xd/0x40
[  148.725448]  ? rcu_note_context_switch+0x730/0x730
[  148.730376]  __should_failslab+0x124/0x180
[  148.734605]  should_failslab+0x9/0x14
[  148.738405]  __kmalloc_track_caller+0x2c4/0x760
[  148.743076]  ? save_stack+0xa9/0xd0
[  148.746692]  ? parse_opts+0x176/0x500
[  148.750481]  kstrdup+0x39/0x70
[  148.753664]  parse_opts+0x176/0x500
[  148.757280]  ? do_raw_spin_unlock+0xa7/0x2f0
[  148.761677]  ? p9_fd_poll+0x2b0/0x2b0
[  148.765465]  ? kasan_check_write+0x14/0x20
[  148.769691]  ? do_raw_spin_lock+0xc1/0x200
[  148.773920]  ? trace_hardirqs_off+0xd/0x10
[  148.778142]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  148.783235]  ? debug_check_no_obj_freed+0x30b/0x595
[  148.788263]  p9_fd_create+0x8b/0x3f0
[  148.791967]  ? p9_fd_show_options+0x1c0/0x1c0
[  148.796455]  ? trace_hardirqs_on+0xd/0x10
[  148.800591]  p9_client_create+0x813/0x1587
[  148.804826]  ? p9_client_read+0xc70/0xc70
[  148.808963]  ? lock_acquire+0x1e4/0x540
[  148.812924]  ? fs_reclaim_acquire+0x20/0x20
[  148.817243]  ? lock_downgrade+0x8f0/0x8f0
[  148.821392]  ? lock_release+0xa30/0xa30
[  148.825355]  ? __lockdep_init_map+0x105/0x590
[  148.829844]  ? lockdep_init_map+0x9/0x10
[  148.833895]  ? kasan_check_write+0x14/0x20
[  148.838117]  ? __init_rwsem+0x1cc/0x2a0
[  148.842079]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  148.847084]  ? __kmalloc_track_caller+0x311/0x760
[  148.851916]  ? save_stack+0xa9/0xd0
[  148.855536]  ? save_stack+0x43/0xd0
[  148.859179]  ? kasan_kmalloc+0xc4/0xe0
[  148.863056]  ? memcpy+0x45/0x50
[  148.866332]  v9fs_session_init+0x21a/0x1a80
[  148.870640]  ? rcu_note_context_switch+0x730/0x730
[  148.875560]  ? legacy_parse_monolithic+0xde/0x1e0
[  148.880402]  ? v9fs_show_options+0x7e0/0x7e0
[  148.884801]  ? lock_release+0xa30/0xa30
[  148.888763]  ? lock_downgrade+0x8f0/0x8f0
[  148.892900]  ? check_same_owner+0x340/0x340
[  148.897220]  ? kasan_unpoison_shadow+0x35/0x50
[  148.901788]  ? kasan_kmalloc+0xc4/0xe0
[  148.905665]  ? kmem_cache_alloc_trace+0x318/0x780
[  148.910500]  ? kasan_unpoison_shadow+0x35/0x50
[  148.915068]  ? kasan_kmalloc+0xc4/0xe0
[  148.918952]  v9fs_mount+0x7c/0x900
[  148.922489]  ? v9fs_drop_inode+0x150/0x150
[  148.926711]  legacy_get_tree+0x131/0x460
[  148.930763]  vfs_get_tree+0x1cb/0x5c0
[  148.934564]  do_mount+0x6f2/0x1e20
[  148.938100]  ? copy_mount_string+0x40/0x40
[  148.942330]  ? retint_kernel+0x10/0x10
[  148.946210]  ? copy_mount_options+0x1f0/0x380
[  148.950695]  ? copy_mount_options+0x1f6/0x380
[  148.955178]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  148.960705]  ? copy_mount_options+0x285/0x380
[  148.965194]  ksys_mount+0x12d/0x140
[  148.968815]  __x64_sys_mount+0xbe/0x150
[  148.972795]  do_syscall_64+0x1b9/0x820
[  148.976667]  ? finish_task_switch+0x1d3/0x870
[  148.981162]  ? syscall_return_slowpath+0x5e0/0x5e0
[  148.986088]  ? syscall_return_slowpath+0x31d/0x5e0
[  148.991015]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  148.996019]  ? __switch_to_asm+0x34/0x70
[  149.000068]  ? __switch_to_asm+0x34/0x70
[  149.004121]  ? __switch_to_asm+0x40/0x70
[  149.008170]  ? __switch_to_asm+0x34/0x70
[  149.012218]  ? __switch_to_asm+0x40/0x70
[  149.016269]  ? __switch_to_asm+0x34/0x70
[  149.020316]  ? __switch_to_asm+0x40/0x70
[  149.024370]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  149.029207]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  149.034381] RIP: 0033:0x456a09
[  149.037571] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  149.056458] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.064155] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  149.071423] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
12:12:34 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
read(r0, &(0x7f0000000000)=""/177, 0xb1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x400, 0x0)
getsockname$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @rand_addr}, &(0x7f0000000200)=0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x82)
ioctl$TIOCSCTTY(r2, 0x540e, 0x7ff)

12:12:35 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x3, 0x80)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000240))
read(r0, &(0x7f0000000000)=""/177, 0xb1)
r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x7, 0x400)
getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000000180)=0x4, &(0x7f00000001c0)=0x4)

12:12:35 executing program 5:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='mqueue\x00', 0x0, &(0x7f0000000380))
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x2000, 0x0)

12:12:35 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x60000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

12:12:35 executing program 0:
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)="7379736673002a864f4bc00bce1bdb20637213b1e894d120715f9dc1125b042c7226eb0136d9624ea1d23374a660fe5ac173722fd367ad22e8553025a2e8be0bc5514379af7213d32b8d5d06dc8fbf2c849ed9cdefc74b03dfa9cb5a90b28b4b24d7862c3d66fca53167d5424235435a3dbb76bc7d3c42fc2e9c696114a6f888f0da85277683cfc1c4d2bf71c255a3134d64cc3fed8e97798deb8631cbf7682c9fa2ed031465aa191df922f764297cba22a8499d177f49fba940f55bbc8b723fd374f1fed78c8aeec6811d9b5879487387d56594a14c2588274de84fa27610302b3fb54172a8c910a07e7c76ea465aa68402", 0x0, &(0x7f0000000080))
chroot(&(0x7f0000000080)='./file0\x00')
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

[  149.078683] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  149.085938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  149.093196] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000012
[  149.100632] 9pnet: Insufficient options for proto=fd
12:12:35 executing program 4:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x8000, 0x0)
ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000340)=""/90)
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0x50, &(0x7f0000000200)={0x0, <r1=>0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000280)=r1, 0xffffffffffffff52)
msgrcv(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000023855167a486d6c80128eae6a7c9a8"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r2 = msgget(0x2, 0x1c)
msgctl$IPC_RMID(r2, 0x0)
setsockopt$inet6_dccp_buf(r0, 0x21, 0xc, &(0x7f0000000140)="aa004c3e4e", 0x5)

12:12:35 executing program 6 (fault-call:6 fault-nth:19):
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000000000000000000000000007002e2f66696c6530000000000000"], 0x2a)
write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid'}}]}})

12:12:35 executing program 4:
perf_event_open(&(0x7f0000000180)={0x2, 0xf4, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgrcv(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="000000000000000000c8ccb176a76b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x57, 0x0, 0xa4a3ad41a879dde0)
r0 = shmget$private(0x0, 0x1000, 0x700, &(0x7f0000ffc000/0x1000)=nil)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x4a800, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000080)={{0x2, @loopback, 0x4e24, 0x1, 'none\x00', 0x8, 0x6, 0x6}, {@multicast1, 0x4e24, 0x3, 0x100, 0x40, 0x2}}, 0x44)
shmctl$IPC_RMID(r0, 0x0)

[  149.221128] kasan: CONFIG_KASAN_INLINE enabled
[  149.225849] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  149.233313] general protection fault: 0000 [#1] SMP KASAN
[  149.238880] CPU: 0 PID: 9280 Comm: syz-executor0 Not tainted 4.18.0-rc7-next-20180801+ #29
[  149.247290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  149.256672] RIP: 0010:do_remount_sb+0x371/0x850
12:12:35 executing program 5:
mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0)
mknod$loop(&(0x7f0000000040)='./file0/file0\x00', 0x2000, 0x0)

[  149.261364] Code: ff ff ff e8 e1 f8 19 05 41 89 c5 48 8b 85 30 ff ff ff 48 8d b8 e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e b5 03 00 00 48 8b 85 30 ff ff
[  149.280393] RSP: 0018:ffff8801907cfa38 EFLAGS: 00010202
[  149.285886] RAX: dffffc0000000000 RBX: ffff880198ab0640 RCX: ffffc90012898000
[  149.285928] FAULT_INJECTION: forcing a failure.
[  149.285928] name failslab, interval 1, probability 0, space 0, times 0
[  149.293163] RDX: 000000000000001c RSI: ffffffff81eeb49f RDI: 00000000000000e0
[  149.293176] RBP: ffff8801907cfb40 R08: ffff8801d50800c0 R09: fffffbfff0fc24e5
[  149.293187] R10: fffffbfff0fc24e5 R11: ffffffff87e1272b R12: ffff8801907cfb18
[  149.293197] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[  149.293218] FS:  00007fb89e42e700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[  149.304418] CPU: 1 PID: 9290 Comm: syz-executor6 Not tainted 4.18.0-rc7-next-20180801+ #29
[  149.311655] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  149.318903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  149.318912] Call Trace:
[  149.326170] CR2: 00007f40bbb3e000 CR3: 00000001d7a07000 CR4: 00000000001406f0
[  149.333441]  dump_stack+0x1c9/0x2b4
[  149.341728] DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
[  149.350112]  ? dump_stack_print_info.cold.2+0x52/0x52
[  149.355969] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  149.365309]  ? perf_trace_lock+0xde/0x920
[  149.367862] Call Trace:
[  149.375121]  should_fail.cold.4+0xa/0x11
[  149.378725]  ? kpageflags_read+0x370/0x370
[  149.385981]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  149.391154]  ? user_get_super+0x250/0x250
[  149.398410]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[  149.402544]  ? down_write+0x8f/0x130
[  149.405110]  ? lock_acquire+0x1e4/0x540
[  149.409153]  ? ksys_umount+0x8da/0x1310
[  149.413370]  ? is_bpf_text_address+0xae/0x170
[  149.418453]  ? down_read+0x1d0/0x1d0
[  149.422579]  ? lock_downgrade+0x8f0/0x8f0
[  149.427583]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  149.431279]  ? lock_release+0xa30/0xa30
[  149.435230]  ? ns_capable_common+0x13f/0x170
[  149.439180]  ? lock_acquire+0x1e4/0x540
[  149.443658]  ksys_umount+0xfbf/0x1310
[  149.447347]  ? fs_reclaim_acquire+0x20/0x20
[  149.451475]  ? lock_release+0xa30/0xa30
[  149.456990]  ? lock_downgrade+0x8f0/0x8f0
[  149.460943]  ? dput.part.26+0x248/0x7a0
[  149.465346]  ? is_bpf_text_address+0xd7/0x170
[  149.469337]  ? __detach_mounts+0x430/0x430
[  149.473128]  ? check_same_owner+0x340/0x340
[  149.477444]  ? mntput_no_expire+0x18e/0xbc0
[  149.481384]  ? __kernel_text_address+0xd/0x40
[  149.481401]  ? rcu_note_context_switch+0x730/0x730
[  149.485536]  ? do_raw_spin_lock+0xc1/0x200
[  149.489493]  __should_failslab+0x124/0x180
[  149.493977]  ? mnt_get_count+0x150/0x150
[  149.498186]  should_failslab+0x9/0x14
[  149.502486]  ? dput.part.26+0x276/0x7a0
[  149.506786]  __kmalloc_track_caller+0x2c4/0x760
[  149.511261]  ? shrink_dcache_sb+0x350/0x350
[  149.516170]  ? save_stack+0xa9/0xd0
[  149.520387]  ? current_umask+0x70/0x70
[  149.524600]  ? parse_opts+0x176/0x500
[  149.528661]  ? __x64_sys_futex+0x47f/0x6a0
[  149.532447]  kstrdup+0x39/0x70
[  149.536405]  ? do_futex+0x27d0/0x27d0
[  149.541053]  parse_opts+0x176/0x500
[  149.545355]  ? __ia32_sys_fchdir+0x1f0/0x1f0
[  149.548960]  ? do_raw_spin_unlock+0xa7/0x2f0
[  149.552829]  ? ksys_mount+0xa8/0x140
[  149.556606]  ? p9_fd_poll+0x2b0/0x2b0
[  149.560834]  __x64_sys_umount+0x54/0x80
[  149.564006]  ? kasan_check_write+0x14/0x20
[  149.567795]  do_syscall_64+0x1b9/0x820
[  149.571425]  ? do_raw_spin_lock+0xc1/0x200
[  149.571444]  ? trace_hardirqs_off+0xd/0x10
[  149.575828]  ? finish_task_switch+0x1d3/0x870
[  149.580219]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  149.583912]  ? syscall_return_slowpath+0x5e0/0x5e0
[  149.587694]  ? debug_check_no_obj_freed+0x30b/0x595
[  149.591667]  ? syscall_return_slowpath+0x31d/0x5e0
[  149.595895]  p9_fd_create+0x8b/0x3f0
[  149.599855]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  149.604066]  ? p9_fd_show_options+0x1c0/0x1c0
[  149.608301]  ? __switch_to_asm+0x34/0x70
[  149.612778]  ? trace_hardirqs_on+0xd/0x10
[  149.617861]  ? __switch_to_asm+0x34/0x70
[  149.622782]  p9_client_create+0x813/0x1587
[  149.627787]  ? __switch_to_asm+0x40/0x70
[  149.632705]  ? p9_client_read+0xc70/0xc70
[  149.636405]  ? __switch_to_asm+0x34/0x70
[  149.641414]  ? lock_acquire+0x1e4/0x540
[  149.645903]  ? __switch_to_asm+0x40/0x70
[  149.649952]  ? fs_reclaim_acquire+0x20/0x20
[  149.654085]  ? __switch_to_asm+0x34/0x70
[  149.658126]  ? lock_downgrade+0x8f0/0x8f0
[  149.663027]  ? __switch_to_asm+0x40/0x70
[  149.667069]  ? lock_release+0xa30/0xa30
[  149.671196]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  149.675239]  ? __lockdep_init_map+0x105/0x590
[  149.679218]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  149.683234]  ? lockdep_init_map+0x9/0x10
[  149.683256]  ? kasan_check_write+0x14/0x20
[  149.687556] RIP: 0033:0x456a09
[  149.691595]  ? __init_rwsem+0x1cc/0x2a0
[  149.695719] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  149.699770]  ? do_raw_write_unlock.cold.8+0x49/0x49
[  149.703715] RSP: 002b:00007fb89e42dc78 EFLAGS: 00000246
[  149.708545]  ? __kmalloc_track_caller+0x311/0x760
[  149.713012]  ORIG_RAX: 00000000000000a6
[  149.718187]  ? save_stack+0xa9/0xd0
[  149.722231] RAX: ffffffffffffffda RBX: 00007fb89e42e6d4 RCX: 0000000000456a09
[  149.726450]  ? save_stack+0x43/0xd0
[  149.729618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000040
[  149.733567]  ? kasan_kmalloc+0xc4/0xe0
[  149.733583]  ? memcpy+0x45/0x50
[  149.752564] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
[  149.757562]  v9fs_session_init+0x21a/0x1a80
[  149.762897] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  149.767721]  ? legacy_parse_monolithic+0xde/0x1e0
[  149.771669] R13: 00000000004d5c20 R14: 00000000004c936b R15: 0000000000000000
[  149.775297]  ? v9fs_show_options+0x7e0/0x7e0
[  149.782562] Modules linked in:
[  149.786166]  ? lock_release+0xa30/0xa30
[  149.797271]  ? lock_downgrade+0x8f0/0x8f0
[  149.797289]  ? check_same_owner+0x340/0x340
[  149.800550] Dumping ftrace buffer:
[  149.807809]  ? kasan_unpoison_shadow+0x35/0x50
[  149.812098]    (ftrace buffer empty)
[  149.819408]  ? kasan_kmalloc+0xc4/0xe0
[  149.824452] ---[ end trace 43fed9c566012652 ]---
[  149.831598]  ? kmem_cache_alloc_trace+0x318/0x780
[  149.831608]  ? kasan_unpoison_shadow+0x35/0x50
[  149.831624]  ? kasan_kmalloc+0xc4/0xe0
[  149.836031] RIP: 0010:do_remount_sb+0x371/0x850
[  149.839200]  v9fs_mount+0x7c/0x900
[  149.839220]  ? v9fs_drop_inode+0x150/0x150
[  149.843189] Code: ff ff ff e8 e1 f8 19 05 41 89 c5 48 8b 85 30 ff ff ff 48 8d b8 e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e b5 03 00 00 48 8b 85 30 ff ff
[  149.847301]  legacy_get_tree+0x131/0x460
[  149.847325]  vfs_get_tree+0x1cb/0x5c0
[  149.851641] RSP: 0018:ffff8801907cfa38 EFLAGS: 00010202
[  149.855156]  do_mount+0x6f2/0x1e20
[  149.855176]  ? copy_mount_string+0x40/0x40
[  149.863427]  ? kasan_kmalloc+0xc4/0xe0
[  149.863442]  ? kmem_cache_alloc_trace+0x318/0x780
[  149.863462]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  149.867340] RAX: dffffc0000000000 RBX: ffff880198ab0640 RCX: ffffc90012898000
[  149.872071]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  149.872090]  ? copy_mount_options+0x285/0x380
12:12:35 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
read(r1, &(0x7f0000000000)=""/1, 0x10203)
read(r1, &(0x7f00000000c0)=""/106, 0x6a)
ioctl$TIOCSETD(r1, 0x5437, &(0x7f0000fd0ffc))

12:12:35 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x4000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  149.876935] RDX: 000000000000001c RSI: ffffffff81eeb49f RDI: 00000000000000e0
[  149.881482]  ksys_mount+0x12d/0x140
[  149.881502]  __x64_sys_mount+0xbe/0x150
[  149.885384] RBP: ffff8801907cfb40 R08: ffff8801d50800c0 R09: fffffbfff0fc24e5
[  149.890020]  do_syscall_64+0x1b9/0x820
[  149.890031]  ? finish_task_switch+0x1d3/0x870
[  149.890049]  ? syscall_return_slowpath+0x5e0/0x5e0
[  149.893579] R10: fffffbfff0fc24e5 R11: ffffffff87e1272b R12: ffff8801907cfb18
[  149.897787]  ? syscall_return_slowpath+0x31d/0x5e0
[  149.897799]  ? prepare_exit_to_usermode+0x3b0/0x3b0
12:12:35 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x3b, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  149.897817]  ? __switch_to_asm+0x34/0x70
[  149.916716] R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
[  149.920747]  ? __switch_to_asm+0x34/0x70
[  149.920759]  ? __switch_to_asm+0x40/0x70
[  149.920776]  ? __switch_to_asm+0x34/0x70
[  149.924569] FS:  00007fb89e42e700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[  149.929896]  ? __switch_to_asm+0x40/0x70
[  149.929908]  ? __switch_to_asm+0x34/0x70
[  149.929924]  ? __switch_to_asm+0x40/0x70
[  149.933455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
12:12:36 executing program 1:
r0 = perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x84800)
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xcba)
read(r0, &(0x7f0000000000)=""/177, 0xb1)

12:12:36 executing program 4:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mixer\x00', 0x800, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000380)={0x7f, 0x5, 0x8000, 0x600000000000, 0x2, 0x0, 0x2f, 0x7, <r1=>0x0}, &(0x7f00000003c0)=0x20)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in={{0x2, 0x4e23, @loopback}}, 0x3, 0x750032d8, 0x800, 0xfffffffffffff94e, 0x84}, &(0x7f00000004c0)=0x98)
r2 = perf_event_open(&(0x7f0000000180)={0x7, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000080)='cgroup.subtree_control\x00', 0x2, 0x0)
msgget$private(0x0, 0x18)
r5 = msgget(0x0, 0x402)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000280)={<r6=>0x0, 0x20, 0x3}, &(0x7f00000002c0)=0x8)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000300)={r6, 0x6}, 0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000000c0)={0x7fff, 0x80000000, 0x4, 0x6, 0xfffffffffffffffb, 0x2, 0xffff, 0x9, <r7=>0x0}, &(0x7f0000000100)=0x20)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r7, 0x2}, &(0x7f0000000240)=0x8)
msgrcv(r5, &(0x7f0000000140)={0x0, ""/79}, 0x57, 0x4, 0x24a3ad41a871dde0)

[  149.937671]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  149.937693]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  149.941582] CR2: 00007f40bbb3e000 CR3: 00000001d7a07000 CR4: 00000000001406f0
[  149.946388] RIP: 0033:0x456a09
[  149.946402] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  149.946413] RSP: 002b:00007f5e037c3c78 EFLAGS: 00000246
[  149.951957] DR0: 0000000020000000 DR1: 0000000020000000 DR2: 0000000000000000
12:12:36 executing program 7:
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c)
sendmsg$key(r0, &(0x7f0000000040)={0x20480, 0x6000000000000000, &(0x7f0000000180)={&(0x7f0000000100)={0x2, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, [@sadb_x_filter={0x5, 0x1a, @in=@broadcast, @in=@local}]}, 0x38}}, 0x0)

[  149.959181]  ORIG_RAX: 00000000000000a5
[  149.959190] RAX: ffffffffffffffda RBX: 00007f5e037c46d4 RCX: 0000000000456a09
[  149.959199] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  149.959211] RBP: 00000000009300a0 R08: 0000000020001940 R09: 0000000000000000
[  149.964757] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  149.969214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  149.969229] R13: 00000000004d1750 R14: 00000000004c6e7f R15: 0000000000000013
[  149.969527] 9pnet: Insufficient options for proto=fd
[  149.976541] Kernel panic - not syncing: Fatal exception
[  150.182075] Dumping ftrace buffer:
[  150.185601]    (ftrace buffer empty)
[  150.189292] Kernel Offset: disabled
[  150.192910] Rebooting in 86400 seconds..